Try to restart stunnels when certs change

author Peter Palfrader <peter@palfrader.org>

Fri, 27 May 2011 10:21:34 +0000 (12:21 +0200)

committer Peter Palfrader <peter@palfrader.org>

Fri, 27 May 2011 10:21:34 +0000 (12:21 +0200)
author Peter Palfrader <peter@palfrader.org>
Fri, 27 May 2011 10:21:34 +0000 (12:21 +0200)
committer Peter Palfrader <peter@palfrader.org>
Fri, 27 May 2011 10:21:34 +0000 (12:21 +0200)
diff --git a/modules/stunnel4/manifests/init.pp b/modules/stunnel4/manifests/init.pp

index c2e9db78ca16c17eeb8c32c37f24aa8bb871fb5d..5aeb6487769c6ea4e597208ced8a323affe74414 100644 (file)
--- a/modules/stunnel4/manifests/init.pp
+++ b/modules/stunnel4/manifests/init.pp
@@ -16,6 +16,18 @@ class stunnel4 {
                  mode    => 555,
              ;
          }
+
+        case $client {
+                true: {
+                    $certfile = "/etc/ssl/debian/certs/thishost.crt"
+                    $keyfile = /etc/ssl/debian/keys/thishost.key
+                    }
+                default: {
+                    $certfile = /etc/exim4/ssl/thishost.crt
+                    $keyfile = /etc/exim4/ssl/thishost.key
+                    }
+        }
+
          exec {
              "restart_stunnel_${name}":
                      command => "true && cd / && env -i /etc/init.d/stunnel4 restart puppet-${name}",
@@ -25,6 +37,9 @@ class stunnel4 {
                                   Exec['kill_file_override'],
                                   Package['stunnel4']
                                 ],
+                    subscribe => [ File[$certfile],
+                                   File[$keyfile]
+                                 ],
                      refreshonly => true,
                      ;
          }
author	Peter Palfrader <peter@palfrader.org>
	Fri, 27 May 2011 10:21:34 +0000 (12:21 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Fri, 27 May 2011 10:21:34 +0000 (12:21 +0200)