From eab40215531d8135cdc051d1fe2eb8d3cfbddd87 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Fri, 27 May 2011 12:21:34 +0200
Subject: [PATCH] Try to restart stunnels when certs change

---
 modules/stunnel4/manifests/init.pp | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/modules/stunnel4/manifests/init.pp b/modules/stunnel4/manifests/init.pp
index c2e9db78c..5aeb64877 100644
--- a/modules/stunnel4/manifests/init.pp
+++ b/modules/stunnel4/manifests/init.pp
@@ -16,6 +16,18 @@ class stunnel4 {
                 mode    => 555,
             ;
         }
+
+        case $client {
+                true: {
+                    $certfile = "/etc/ssl/debian/certs/thishost.crt"
+                    $keyfile = /etc/ssl/debian/keys/thishost.key
+                    }
+                default: {
+                    $certfile = /etc/exim4/ssl/thishost.crt
+                    $keyfile = /etc/exim4/ssl/thishost.key
+                    }
+        }
+
         exec {
             "restart_stunnel_${name}":
                     command => "true && cd / && env -i /etc/init.d/stunnel4 restart puppet-${name}",
@@ -25,6 +37,9 @@ class stunnel4 {
                                  Exec['kill_file_override'],
                                  Package['stunnel4']
                                ],
+                    subscribe => [ File[$certfile],
+                                   File[$keyfile]
+                                 ],
                     refreshonly => true,
                     ;
         }
-- 
2.20.1