projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Handle a RewriteMap for Debian Reference
[mirror/dsa-puppet.git] / modules / stunnel4 / manifests / init.pp
diff --git a/modules/stunnel4/manifests/init.pp b/modules/stunnel4/manifests/init.pp
index a4c9d50..5e2b8a3 100644 (file)
--- a/modules/stunnel4/manifests/init.pp
+++ b/modules/stunnel4/manifests/init.pp
@@ -1,6 +1,12 @@
 class stunnel4 {
     define stunnel_generic($client, $verify, $cafile, $crlfile=false, $accept, $connect, $local=false) {
         file {
+            "/etc/stunnel":
+                ensure  => directory,
+                owner   => root,
+                group   => root,
+                mode    => 755,
+                ;
             "/etc/stunnel/puppet-${name}.conf":
                 content => template("stunnel4/stunnel.conf.erb"),
                 notify  => Exec['restart_stunnel'],
@@ -29,8 +35,12 @@ class stunnel4 {
         @ferm::rule {
             "stunnel-${name}":
                 description => "stunnel ${name}",
-                rule => "&TCP_UDP_SERVICE(${accept})",
-                domain => "(ip ip6)",
+                rule => "&SERVICE_RANGE(tcp, ${accept}, \$HOST_DEBIAN_V4)",
+                ;
+            "stunnel-${name}-v6":
+                domain          => 'ip6',
+                description => "stunnel ${name}",
+                rule => "&SERVICE_RANGE(tcp, ${accept}, \$HOST_DEBIAN_V6)",
                 ;
         }
     }
@@ -50,7 +60,6 @@ class stunnel4 {
                 cafile => "/etc/stunnel/puppet-${name}-peer.pem",
                 accept => "${accept}",
                 connect => "${connecthost}:${connectport}",
-                require => [ File["/etc/stunnel/puppet-${name}-peer.pem"] ],
                 ;
         }
     }
@@ -63,6 +72,7 @@ class stunnel4 {
     file {
         "/etc/stunnel/stunnel.conf":
             ensure => absent,
+            require => [ Package['stunnel4'] ],
             ;
     }
 
@@ -73,7 +83,7 @@ class stunnel4 {
                 require => [ Package['stunnel4'] ],
                 ;
         "restart_stunnel":
-                command => "env -i /etc/init.d/stunnel4 restart",
+                command => "true && cd / && env -i /etc/init.d/stunnel4 restart",
                 require => [ File['/etc/stunnel/stunnel.conf'], Exec['enable_stunnel4'], Package['stunnel4'] ],
                 refreshonly => true,
                 ;
Unnamed repository; edit this file 'description' to name the repository.