Setup sniproxy and rsyslog
[cacert-puppet.git] / sitemodules / profiles / manifests / sniproxy.pp
1 # Class: profiles::sniproxy
2 # =========================
3 #
4 # This class takes care if setting up SNIProxy.
5 #
6 # Parameters
7 # ----------
8 #
9 # @param https_forwards a list of server names to target ips/ports
10 #
11 # Examples
12 # --------
13 #
14 # @example
15 # class roles::myhost {
16 # include profiles::sniproxy
17 # }
18 #
19 # Authors
20 # -------
21 #
22 # Jan Dittberner <jandd@cacert.org>
23 #
24 # Copyright
25 # ---------
26 #
27 # Copyright 2017 Jan Dittberner
28 #
29 class profiles::sniproxy (
30 Array[String] $https_forwards,
31 ) {
32 file { '/etc/apt/sources.list.d/debian-testing.list':
33 ensure => file,
34 owner => 'root',
35 group => 'root',
36 mode => '0644',
37 source => 'puppet:///modules/profiles/apt_sources_debian_testing.list',
38 }
39
40 file { '/etc/apt/preferences.d/sniproxy':
41 ensure => file,
42 owner => 'root',
43 group => 'root',
44 mode => '0644',
45 source => 'puppet:///modules/profiles/sniproxy/sniproxy_apt_preferences',
46 }
47
48 package { 'sniproxy':
49 ensure => present,
50 }
51
52 file { '/etc/default/sniproxy':
53 ensure => file,
54 owner => 'root',
55 group => 'root',
56 mode => '0644',
57 source => 'puppet:///modules/profiles/sniproxy/etc_default_sniproxy',
58 require => Package['sniproxy'],
59 }
60
61 file { '/etc/sniproxy.conf':
62 ensure => file,
63 owner => 'root',
64 group => 'root',
65 mode => '0644',
66 content => epp(
67 'profiles/sniproxy/sniproxy.conf.epp',
68 {'https_forwards' => $https_forwards}
69 ),
70 require => Package['sniproxy'],
71 }
72
73 service { 'sniproxy':
74 ensure => running,
75 enable => true,
76 require => [Package['sniproxy'], File['/etc/default/sniproxy'], File['/etc/sniproxy.conf']],
77 subscribe => [File['/etc/default/sniproxy'], File['/etc/sniproxy.conf']],
78 }
79 }