X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fsyncproxy.pp;h=202cabda03a37e01383ed8465199f9bb01fbf53f;hb=442288773cb84d250a80d1848f3c17a122acd5f5;hp=10430c1b2ea70fe55d55f49e462850bfdaf0dbcd;hpb=34476d6987dfc64f068e734a8444c688f98e7eda;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/syncproxy.pp b/modules/roles/manifests/syncproxy.pp
index 10430c1b2..202cabda0 100644
--- a/modules/roles/manifests/syncproxy.pp
+++ b/modules/roles/manifests/syncproxy.pp
@@ -24,12 +24,6 @@ class roles::syncproxy {
 		default => 'unknown'
 	}
 
-	rsync::site { 'syncproxy':
-		content => template('roles/syncproxy/rsyncd.conf.erb'),
-		bind    => $bind,
-		bind6   => $bind6,
-	}
-
 	file { '/etc/rsyncd':
 		ensure => 'directory'
 	}
@@ -42,7 +36,10 @@ class roles::syncproxy {
 
 	if $::apache2 and $syncproxy_name != 'unknown' {
 		include apache2::ssl
-		ssl::service { "$syncproxy_name": notify => Service['apache2'], key => true, }
+		ssl::service { "$syncproxy_name":
+			notify => Service['apache2'],
+			key => true,
+		}
 		apache2::site { '010-syncproxy.debian.org':
 			site   => 'syncproxy.debian.org',
 			content => template('roles/syncproxy/syncproxy.debian.org-apache.erb')
@@ -56,41 +53,17 @@ class roles::syncproxy {
 			content => template('roles/syncproxy/syncproxy.debian.org-index.html.erb')
 		}
 
-		file { '/etc/rsyncd-syncproxy-stunnel.conf':
-			content => template('roles/syncproxy/rsyncd-syncproxy-stunnel.conf.erb')
-		}
-		xinetd::service { "rsync-syncproxy-ssl":
-			bind        => $bind,
-			id          => "syncproxy-rsync-ssl",
-			server      => '/usr/bin/stunnel4',
-			service     => 'rsync-ssl',
-			type        => 'UNLISTED',
-			port        => '1873',
-			server_args => "/etc/rsyncd-syncproxy-stunnel.conf",
-			ferm        => false,
-			instances   => 50,
-			require     => File["/etc/rsyncd-syncproxy-stunnel.conf"],
+		rsync::site { 'syncproxy':
+			content => template('roles/syncproxy/rsyncd.conf.erb'),
+			bind    => $bind,
+			bind6   => $bind6,
+			sslname => "$syncproxy_name",
 		}
-
-		if $bind6 != '' {
-			xinetd::service { "rsync-syncproxy-ssl6":
-				bind        => $bind6,
-				id          => "syncproxy-rsync-ssl",
-				server      => '/usr/bin/stunnel4',
-				service     => 'rsync-ssl',
-				type        => 'UNLISTED',
-				port        => '1873',
-				server_args => "/etc/rsyncd-syncproxy-stunnel.conf",
-				ferm        => false,
-				instances   => 50,
-				require     => File["/etc/rsyncd-syncproxy-stunnel.conf"],
-			}
-		}
-
-		@ferm::rule { "dsa-rsync-ssl":
-			domain      => '(ip ip6)',
-			description => "Allow traffic to rsync ssl",
-			rule        => "&SERVICE(tcp, 1873)"
+	} else {
+		rsync::site { 'syncproxy':
+			content => template('roles/syncproxy/rsyncd.conf.erb'),
+			bind    => $bind,
+			bind6   => $bind6,
 		}
 	}
 }