From 4d21428a90a017912519e8787dc69cc5e93c2535 Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Tue, 24 May 2011 12:11:19 +0200
Subject: [PATCH] restart stunnel regularly

---
 modules/entropykey/manifests/init.pp | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/modules/entropykey/manifests/init.pp b/modules/entropykey/manifests/init.pp
index 13de3e4ea..e9c612657 100644
--- a/modules/entropykey/manifests/init.pp
+++ b/modules/entropykey/manifests/init.pp
@@ -8,6 +8,13 @@ class entropykey::provider {
             source => "puppet:///modules/entropykey/ekeyd.conf",
             notify  => Exec['restart_ekeyd'],
             require => [ Package['ekeyd'] ],
+            ;
+        # our CRL expires after a while (2 or 4 weeks?), so we have
+        # to restart stunnel so it loads the new CRL.
+        "/etc/cron.weekly/stunnel-ekey.conf":
+            content =>  "# This file is under puppet control\nenv -i /etc/init.d/stunnel4 restart puppet-ekeyd\n",
+            mode => "555",
+            ;
         ;
     }
 
-- 
2.20.1