etc/stunnel dir

[mirror/dsa-puppet.git] / modules / stunnel4 / manifests / init.pp

diff --git a/modules/stunnel4/manifests/init.pp b/modules/stunnel4/manifests/init.pp
index 36b5ce0..83fbd82 100644 (file)
--- a/modules/stunnel4/manifests/init.pp
+++ b/modules/stunnel4/manifests/init.pp
@@ -1,6 +1,12 @@
 class stunnel4 {
     define stunnel_generic($client, $verify, $cafile, $crlfile=false, $accept, $connect, $local=false) {
         file {
+            "/etc/stunnel":
+                ensure  => directory,
+                owner   => root,
+                group   => root,
+                mode    => 755,
+                ;
             "/etc/stunnel/puppet-${name}.conf":
                 content => template("stunnel4/stunnel.conf.erb"),
                 notify  => Exec['restart_stunnel'],
@@ -29,8 +35,12 @@ class stunnel4 {
         @ferm::rule {
             "stunnel-${name}":
                 description => "stunnel ${name}",
-                rule => "&TCP_UDP_SERVICE(${accept})",
-                domain => "(ip ip6)",
+                rule => "&SERVICE_RANGE(tcp, ${accept}, \$HOST_DEBIAN_V4)",
+                ;
+            "stunnel-${name}-v6":
+                domain          => 'ip6',
+                description => "stunnel ${name}",
+                rule => "&SERVICE_RANGE(tcp, ${accept}, \$HOST_DEBIAN_V6)",
                 ;
         }
     }
@@ -63,6 +73,7 @@ class stunnel4 {
     file {
         "/etc/stunnel/stunnel.conf":
             ensure => absent,
+            require => [ Package['stunnel4'] ],
             ;
     }