Defined Type: stunnel::daemon

Defined in:
modules/stunnel/manifests/daemon.pp

Overview

Parameters:

  • ensure (Wmflib::Ensure) (defaults to: 'present')

    whether to ensure the resource

  • accept_host (Stdlib::Host) (defaults to: 'localhost')

    The address to listen on

  • accept_port (Stdlib::Port)

    The port to listen on

  • connect_host (Optional[Stdlib::Host]) (defaults to: undef)

    The address to connect to

  • connect_port (Optional[Stdlib::Port]) (defaults to: undef)

    The port to connect to

  • client (Boolean) (defaults to: false)

    whether the daemon will also act as a client

  • ca_path (Optional[Stdlib::Unixpath]) (defaults to: undef)

    The path to the CA file

  • cert_path (Optional[Stdlib::Unixpath]) (defaults to: undef)

    the path to the client cert file

  • key_path (Optional[Stdlib::Unixpath]) (defaults to: undef)

    the path to the client private key file

  • verify_peer (Boolean) (defaults to: false)

    if true verify the peer

  • verify_client

    if true verify the client

  • ssl_version (Stunnel::Ssl_version) (defaults to: 'TLSv1.3')

    The SSL version to use

  • exec (Optional[Stdlib::Unixpath]) (defaults to: undef)

    The binary to execute

  • exec_args (Array[String]) (defaults to: [])

    The arguments to execute

  • debug (Integer[0,7]) (defaults to: 5)

    Log level between 0 (emerg) and 7(debug)

  • verify_chain (Boolean) (defaults to: false)


17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# File 'modules/stunnel/manifests/daemon.pp', line 17

define stunnel::daemon (
    Stdlib::Port               $accept_port,
    Wmflib::Ensure             $ensure       = 'present',
    Stdlib::Host               $accept_host  = 'localhost',
    Optional[Stdlib::Host]     $connect_host = undef,
    Optional[Stdlib::Port]     $connect_port = undef,
    Boolean                    $client       = false,
    Boolean                    $verify_chain = false,
    Boolean                    $verify_peer  = false,
    Integer[0,7]               $debug        = 5,
    Stunnel::Ssl_version       $ssl_version  = 'TLSv1.3',
    Optional[Stdlib::Unixpath] $exec         = undef,
    Array[String]              $exec_args    = [],
    Optional[Stdlib::Unixpath] $ca_path      = undef,
    Optional[Stdlib::Unixpath] $cert_path    = undef,
    Optional[Stdlib::Unixpath] $key_path     = undef,
) {
    include stunnel
    $safe_title = $title.regsubst('[^\w\-]', '_', 'G')
    $conf_file = "${stunnel::daemon_config_dir}/${safe_title}.conf"
    $connect_string = $connect_port ? {
        undef   => undef,
        default => $connect_host ? {
            undef   => $connect_port,
            default => "${connect_host}:${connect_port}",
        }
    }

    file {$conf_file:
        ensure  => $ensure,
        content => template('stunnel/daemon.conf.erb'),
        notify  => Service[$stunnel::service_name]
    }
}