X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fstunnel4%2Ftemplates%2Fstunnel.conf.erb;h=7cf1a6faa9999efe7cd3c0a203bce906dc6b84ab;hb=f79fdb6bb13b6eb8a0c8b0dcf117a2c3e0e241c6;hp=b4d544883cc6264beb6e496574eb33671b465212;hpb=f0a682647864402c133fe0825b1438d8a1aa3cf8;p=mirror%2Fdsa-puppet.git

diff --git a/modules/stunnel4/templates/stunnel.conf.erb b/modules/stunnel4/templates/stunnel.conf.erb
index b4d544883..7cf1a6faa 100644
--- a/modules/stunnel4/templates/stunnel.conf.erb
+++ b/modules/stunnel4/templates/stunnel.conf.erb
@@ -3,9 +3,9 @@
 ## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
 ##
 
-<%- if client -%>
+<%- if @client -%>
 cert = /etc/ssl/debian/certs/thishost.crt
-key = /etc/ssl/debian/keys/thishost.key
+key = /etc/ssl/private/thishost.key
 <%- else -%>
 cert = /etc/exim4/ssl/thishost.crt
 key = /etc/exim4/ssl/thishost.key
@@ -16,11 +16,11 @@ chroot = /var/run/stunnel4
 setuid = stunnel4
 setgid = stunnel4
 ; PID is created inside chroot jail
-pid = /stunnel-<%= name %>.pid
+pid = /stunnel-<%= @name %>.pid
 
-verify = <%= verify %>
-CAfile = <%= cafile %>
-<%- if crlfile -%>
+verify = <%= @verify %>
+CAfile = <%= @cafile %>
+<%- if @crlfile -%>
 CRLfile = /etc/exim4/ssl/ca.crl
 <%- end -%>
 
@@ -29,13 +29,16 @@ debug = notice
 ; don't use a file, use syslog
 ; output = /var/log/stunnel4/stunnel.log
 
-client = <%= client ? "yes" : "no" %>
+client = <%= @client ? "yes" : "no" %>
 
-[<%= name %>-server]
-accept = <%= accept =~ /:/ ? accept : ":::#{accept}" %>
-connect = <%= connect %>
-<%- if local -%>
-local = <%= local %>
+socket = a:SO_LINGER=1:60
+socket = a:SO_KEEPALIVE=1
+
+[<%= @name %>-server]
+accept = <%= @accept =~ /:/ ? @accept : ":::#{@accept}" %>
+connect = <%= @connect %>
+<%- if @local -%>
+local = <%= @local %>
 <%- end -%>
 
 ; vim:ft=dosini