class stunnel4 {
- # define an stunnel listener, listening for SSL connections on $accept,
- # connecting to plaintext service $connect using local source address $local
- define stunnel_server($accept, $connect, $local = "127.0.0.1") {
- file {
- "/etc/stunnel/puppet-${name}.conf":
- content => template("stunnel4/server.conf.erb"),
- notify => Exec['restart_stunnel'],
- ;
- }
- }
+ package { 'stunnel4':
+ ensure => installed
+ }
- package {
- "stunnel4": ensure => installed;
- }
+ file { '/etc/stunnel':
+ ensure => directory,
+ mode => '0755',
+ }
+ file { '/etc/init.d/stunnel4':
+ source => 'puppet:///modules/stunnel4/etc-init.d-stunnel4',
+ mode => '0555',
+ notify => Exec['systemctl daemon-reload'],
+ }
+ file { '/etc/stunnel/stunnel.conf':
+ ensure => absent,
+ require => Package['stunnel4'],
+ }
- file {
- "/etc/stunnel/stunnel.conf":
- ensure => absent,
- ;
- }
-
- exec {
- "enable_stunnel4":
- command => "sed -i -e 's/^ENABLED=/#&/; \$a ENABLED=1 # added by puppet' /etc/default/stunnel4",
- unless => "grep -q '^ENABLED=1' /etc/default/stunnel4",
- require => [ Package['stunnel4'] ],
- ;
- "restart_stunnel":
- command => "env -i /etc/init.d/stunnel4 restart",
- require => [ File['/etc/stunnel/stunnel.conf'], Exec['enable_stunnel4'], Package['stunnel4'] ],
- ;
- }
+ exec { 'enable_stunnel4':
+ command => 'sed -i -e \'s/^ENABLED=/#&/; $a ENABLED=1 # added by puppet\' /etc/default/stunnel4',
+ unless => 'grep -q \'^ENABLED=1\' /etc/default/stunnel4',
+ require => Package['stunnel4'],
+ }
+ exec { 'kill_file_override':
+ command => 'sed -i -e \'s/^FILES=/#&/\' /etc/default/stunnel4',
+ onlyif => 'grep -q \'^FILES=\' /etc/default/stunnel4',
+ require => Package['stunnel4'],
+ }
}
-
-# vim:set et:
-# vim:set sts=4 ts=4:
-# vim:set shiftwidth=4: