From: Peter Palfrader <peter@palfrader.org>
Date: Fri, 27 May 2011 10:21:34 +0000 (+0200)
Subject: Try to restart stunnels when certs change
X-Git-Url: https://git.donarmstrong.com/?p=dsa-puppet.git;a=commitdiff_plain;h=eab40215531d8135cdc051d1fe2eb8d3cfbddd87

Try to restart stunnels when certs change
---

diff --git a/modules/stunnel4/manifests/init.pp b/modules/stunnel4/manifests/init.pp
index c2e9db78..5aeb6487 100644
--- a/modules/stunnel4/manifests/init.pp
+++ b/modules/stunnel4/manifests/init.pp
@@ -16,6 +16,18 @@ class stunnel4 {
                 mode    => 555,
             ;
         }
+
+        case $client {
+                true: {
+                    $certfile = "/etc/ssl/debian/certs/thishost.crt"
+                    $keyfile = /etc/ssl/debian/keys/thishost.key
+                    }
+                default: {
+                    $certfile = /etc/exim4/ssl/thishost.crt
+                    $keyfile = /etc/exim4/ssl/thishost.key
+                    }
+        }
+
         exec {
             "restart_stunnel_${name}":
                     command => "true && cd / && env -i /etc/init.d/stunnel4 restart puppet-${name}",
@@ -25,6 +37,9 @@ class stunnel4 {
                                  Exec['kill_file_override'],
                                  Package['stunnel4']
                                ],
+                    subscribe => [ File[$certfile],
+                                   File[$keyfile]
+                                 ],
                     refreshonly => true,
                     ;
         }