X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Frsync%2Fmanifests%2Fsite.pp;h=c1e15c27b2ba86e921ad6c50ede25caf21be22a7;hb=9c6009e74b04f540b46b17f6a4f1558baf426c99;hp=c762d6d37e8cf9bb3127a5e72de71e8d52a8c879;hpb=39e080753dad0998582af7ec4b0fd4511ef39d01;p=mirror%2Fdsa-puppet.git

diff --git a/modules/rsync/manifests/site.pp b/modules/rsync/manifests/site.pp
index c762d6d37..c1e15c27b 100644
--- a/modules/rsync/manifests/site.pp
+++ b/modules/rsync/manifests/site.pp
@@ -25,60 +25,62 @@ define rsync::site (
 		ensure  => $ensure,
 		content => $content,
 		source  => $source,
-		owner   => 'root',
-		group   => 'root',
-		mode    => '0444',
 	}
 
-	file { "/etc/systemd/system/rsyncd-${name}@.service":
+	$service_file = "/etc/systemd/system/rsyncd-${name}@.service"
+	$socket_file = "/etc/systemd/system/rsyncd-${name}.socket"
+	$systemd_service = "rsyncd-${name}.socket"
+
+	# if we enable the service, we want the files before the service.
+	# if we remove the service, we want the service disabled before the files
+	# go away.
+	$service_subscribe = $ensure ? {
+		present => [
+			File[$service_file],
+			File[$socket_file],
+		],
+		default => [],
+	}
+	$service_before = $ensure ? {
+		present => [],
+		default => [
+			File[$service_file],
+			File[$socket_file],
+		],
+	}
+
+	file { $service_file:
 		ensure  => $ensure,
 		content => template('rsync/systemd-rsyncd.service.erb'),
-		owner   => 'root',
-		group   => 'root',
-		mode    => '0444',
 		require => File[$fname_real_rsync],
 		notify  => Exec['systemctl daemon-reload'],
 	}
 
-	file { "/etc/systemd/system/rsyncd-${name}.socket":
+	file { $socket_file:
 		ensure  => $ensure,
 		content => template('rsync/systemd-rsyncd.socket.erb'),
-		owner   => 'root',
-		group   => 'root',
-		mode    => '0444',
-		notify  => [
-			Exec['systemctl daemon-reload'],
-			Service["rsyncd-${name}.socket"],
-		],
+		notify  => Exec['systemctl daemon-reload'],
 	}
 
-	service { "rsyncd-${name}.socket":
+	service { $systemd_service:
 		ensure   => $ensure_service,
 		enable   => $ensure_enable,
-		require  => [
-			Exec['systemctl daemon-reload'],
-			File["/etc/systemd/system/rsyncd-${name}@.service"],
-			File["/etc/systemd/system/rsyncd-${name}.socket"],
-		],
+		notify   => Exec['systemctl daemon-reload'],
 		provider => systemd,
+		before    => $service_before,
+		subscribe => $service_subscribe,
 	}
 
 	if $sslname {
 		file { $fname_real_stunnel:
 			ensure  => $ensure,
 			content => template('rsync/systemd-rsyncd-stunnel.conf.erb'),
-			owner   => 'root',
-			group   => 'root',
-			mode    => '0444',
 			require => File["/etc/ssl/debian/certs/${sslname}.crt-chained"],
 		}
 
 		file { "/etc/systemd/system/rsyncd-${name}-stunnel@.service":
 			ensure  => $ensure,
 			content => template('rsync/systemd-rsyncd-stunnel.service.erb'),
-			owner   => 'root',
-			group   => 'root',
-			mode    => '0444',
 			require => File[$fname_real_stunnel],
 			notify  => Exec['systemctl daemon-reload'],
 		}
@@ -86,9 +88,6 @@ define rsync::site (
 		file { "/etc/systemd/system/rsyncd-${name}-stunnel.socket":
 			ensure  => $ensure,
 			content => template('rsync/systemd-rsyncd-stunnel.socket.erb'),
-			owner   => 'root',
-			group   => 'root',
-			mode    => '0444',
 			notify  => [
 				Exec['systemctl daemon-reload'],
 				Service["rsyncd-${name}-stunnel.socket"]