$source=undef,
$content=undef,
$max_clients=200,
- $ensure=present,
+ Enum['present','absent'] $ensure = 'present',
$sslname=undef,
) {
include rsync
$fname_real_rsync = "/etc/rsyncd-${name}.conf"
$fname_real_stunnel = "/etc/rsyncd-${name}-stunnel.conf"
- case $ensure {
- present,absent: {}
- default: { fail ( "Invald ensure `${ensure}' for ${name}" ) }
- }
-
$ensure_service = $ensure ? {
present => running,
absent => stopped,
provider => systemd,
}
- @ferm::rule { "rsync-${name}-ssl":
+ ferm::rule { "rsync-${name}-ssl":
domain => '(ip ip6)',
description => 'Allow rsync access',
rule => '&SERVICE(tcp, 1873)',
}
+ $certdir = hiera('paths.letsencrypt_dir')
dnsextras::tlsa_record{ "tlsa-${sslname}-1873":
zone => 'debian.org',
- certfile => [
- "/etc/puppet/modules/ssl/files/servicecerts/${sslname}.crt",
- "/etc/puppet/modules/ssl/files/from-letsencrypt/${sslname}.crt",
- ],
+ certfile => [ "${certdir}/${sslname}.crt" ],
port => 1873,
hostname => $sslname,
}