X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=modules%2Fstunnel4%2Ftemplates%2Fstunnel.conf.erb;fp=modules%2Fstunnel4%2Ftemplates%2Fstunnel.conf.erb;h=b4d544883cc6264beb6e496574eb33671b465212;hb=f0a682647864402c133fe0825b1438d8a1aa3cf8;hp=0000000000000000000000000000000000000000;hpb=fec3645d1cdb5298ede4f32c591e8aade24cfd28;p=mirror%2Fdsa-puppet.git

diff --git a/modules/stunnel4/templates/stunnel.conf.erb b/modules/stunnel4/templates/stunnel.conf.erb
new file mode 100644
index 000000000..b4d544883
--- /dev/null
+++ b/modules/stunnel4/templates/stunnel.conf.erb
@@ -0,0 +1,41 @@
+##
+## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
+##
+
+<%- if client -%>
+cert = /etc/ssl/debian/certs/thishost.crt
+key = /etc/ssl/debian/keys/thishost.key
+<%- else -%>
+cert = /etc/exim4/ssl/thishost.crt
+key = /etc/exim4/ssl/thishost.key
+<%- end -%>
+
+; Some security enhancements for UNIX systems - comment them out on Win32
+chroot = /var/run/stunnel4
+setuid = stunnel4
+setgid = stunnel4
+; PID is created inside chroot jail
+pid = /stunnel-<%= name %>.pid
+
+verify = <%= verify %>
+CAfile = <%= cafile %>
+<%- if crlfile -%>
+CRLfile = /etc/exim4/ssl/ca.crl
+<%- end -%>
+
+; Some debugging stuff useful for troubleshooting
+debug = notice
+; don't use a file, use syslog
+; output = /var/log/stunnel4/stunnel.log
+
+client = <%= client ? "yes" : "no" %>
+
+[<%= name %>-server]
+accept = <%= accept =~ /:/ ? accept : ":::#{accept}" %>
+connect = <%= connect %>
+<%- if local -%>
+local = <%= local %>
+<%- end -%>
+
+; vim:ft=dosini