class stunnel4 {
define stunnel_generic($client, $verify, $cafile, $crlfile=false, $accept, $connect, $local=false) {
file {
+ "/etc/stunnel":
+ ensure => directory,
+ owner => root,
+ group => root,
+ mode => 755,
+ ;
"/etc/stunnel/puppet-${name}.conf":
content => template("stunnel4/stunnel.conf.erb"),
notify => Exec['restart_stunnel'],
;
+ "/etc/init.d/stunnel4":
+ source => "puppet:///modules/stunnel4/etc-init.d-stunnel4",
+ mode => 555,
+ ;
}
}
cafile => "/etc/stunnel/puppet-${name}-peer.pem",
accept => "${accept}",
connect => "${connecthost}:${connectport}",
- require => [ File["/etc/stunnel/puppet-${name}-peer.pem"] ],
;
}
}
;
"restart_stunnel":
command => "true && cd / && env -i /etc/init.d/stunnel4 restart",
- require => [ File['/etc/stunnel/stunnel.conf'], Exec['enable_stunnel4'], Package['stunnel4'] ],
+ require => [ File['/etc/stunnel/stunnel.conf'],
+ File['/etc/init.d/stunnel4'],
+ Exec['enable_stunnel4'],
+ Exec['kill_file_override'],
+ Package['stunnel4']
+ ],
refreshonly => true,
;
+ "kill_file_override":
+ command => "sed -i -e 's/^FILES=/#&/' /etc/default/stunnel4",
+ onlyif => "grep -q '^FILES=' /etc/default/stunnel4",
+ require => [ Package['stunnel4'] ],
+ ;
}
}