Diffstat (limited to 'net-misc/stunnel/files')
-rw-r--r-- | net-misc/stunnel/files/stunnel | 43 | ||||
-rw-r--r-- | net-misc/stunnel/files/stunnel.conf | 61 | ||||
-rw-r--r-- | net-misc/stunnel/files/stunnel.tmpfiles.conf | 1 |
3 files changed, 105 insertions, 0 deletions
diff --git a/net-misc/stunnel/files/stunnel b/net-misc/stunnel/files/stunnel
new file mode 100644
index 000000000000..6ca77a3dbdbe
--- /dev/null
+++ b/net-misc/stunnel/files/stunnel
@@ -0,0 +1,43 @@
+#!/sbin/runscript
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+SERVICENAME=${SVCNAME#*.}
+SERVICENAME=${SERVICENAME:-stunnel}
+STUNNEL_CONFIGFILE=${STUNNEL_CONFIGFILE:-/etc/stunnel/${SERVICENAME}.conf}
+
+depend() {
+ need net
+ before logger
+}
+
+get_config() {
+ if [ ! -e ${STUNNEL_CONFIGFILE} ] ; then
+ eerror "You need to create ${STUNNEL_CONFIGFILE} first."
+ return 1
+ fi
+ CHROOT=$(grep "^chroot" ${STUNNEL_CONFIGFILE} | sed "s;.*= *;;")
+ [ -n "${CHROOT}" ] && CHROOT="--chroot ${CHROOT}"
+ PIDFILE=$(grep "^pid" ${STUNNEL_CONFIGFILE} | sed "s;.*= *;;")
+ PIDFILE=${PIDFILE:-/run/stunnel/${SERVICENAME}.pid}
+}
+
+start() {
+ get_config || return 1
+ checkpath -d -m 0775 -o root:stunnel /run/stunnel
+ if [ "$(dirname ${PIDFILE})" != "/run" ]; then
+ checkpath -d -m 0755 -o stunnel:stunnel -q $(dirname ${PIDFILE})
+ fi
+ ebegin "Starting ${SVCNAME}"
+ start-stop-daemon --start --pidfile "${PIDFILE}" ${CHROOT} \
+ --exec /usr/bin/stunnel -- ${STUNNEL_CONFIGFILE} ${STUNNEL_OPTIONS}
+ eend $? "Failed to start ${SVCNAME}"
+}
+
+stop() {
+ get_config || return 1
+ ebegin "Stopping ${SVCNAME}"
+ start-stop-daemon --stop --quiet --pidfile ${PIDFILE}
+ eend $? "Failed to stop ${SVCNAME}"
+}
diff --git a/net-misc/stunnel/files/stunnel.conf b/net-misc/stunnel/files/stunnel.conf
new file mode 100644
index 000000000000..547ee963e4d1
--- /dev/null
+++ b/net-misc/stunnel/files/stunnel.conf
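Review bot: In start() of files/stunnel, `checkpath -d -m 0755 -o stunnel:stunnel -q $(dirname ${PIDFILE})` runs as root on whatever directory the `pid` line of the config names, and the only exemption is the literal `/run`. A `pid` placed directly in a shared directory would have that directory's owner and mode reset to the stunnel user, so the call should be limited to a directory the service owns, e.g. `piddir=$(dirname "${PIDFILE}")` followed by `case "${piddir}" in /run/stunnel|/run/stunnel/*) checkpath -d -m 0755 -o stunnel:stunnel -q "${piddir}" ;; esac`. The values get_config extracts with `grep "^pid"` and `grep "^chroot"` are also expanded unquoted in start() and stop(), so a path containing spaces or a second matching config line splits into extra arguments; quoting `"${PIDFILE}"` and `"${STUNNEL_CONFIGFILE}"` throughout avoids that.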
@@ -0,0 +1,61 @@
+# Sample stunnel configuration file by Michal Trojnara 2002-2005
+# Some options used here may not be adequate for your particular configuration
+# Please make sure you understand them (especially the effect of chroot jail)
+
+# Certificate/key is needed in server mode and optional in client mode
+# cert = /etc/stunnel/stunnel.pem
+# key = /etc/stunnel/stunnel.pem
+
+# Some security enhancements for UNIX systems - comment them out on Win32
+# chroot = /chroot/stunnel/
+setuid = stunnel
+setgid = stunnel
+# PID is created inside chroot jail
+pid = /run/stunnel/stunnel.pid
+
+# Some performance tunings
+socket = l:TCP_NODELAY=1
+socket = r:TCP_NODELAY=1
+#compression = rle
+
+# Workaround for Eudora bug
+#options = DONT_INSERT_EMPTY_FRAGMENTS
+
+# Authentication stuff
+#verify = 2
+# Don't forget to c_rehash CApath
+# CApath is located inside chroot jail:
+#CApath = /certs
+# It's often easier to use CAfile:
+#CAfile = /etc/stunnel/certs.pem
+# Don't forget to c_rehash CRLpath
+# CRLpath is located inside chroot jail:
+#CRLpath = /crls
+# Alternatively you can use CRLfile:
+#CRLfile = /etc/stunnel/crls.pem
+
+# Some debugging stuff useful for troubleshooting
+#debug = 7
+#output = stunnel.log
+
+# Use it for client mode
+#client = yes
+
+# Service-level configuration
+
+#[pop3s]
+#accept = 995
+#connect = 110
+
+#[imaps]
+#accept = 993
+#connect = 143
+
+#[ssmtp]
+#accept = 465
+#connect = 25
+
+#[https]
+#accept = 443
+#connect = 80
+#TIMEOUTclose = 0
diff --git a/net-misc/stunnel/files/stunnel.tmpfiles.conf b/net-misc/stunnel/files/stunnel.tmpfiles.conf
new file mode 100644
index 000000000000..4433c8a75664
--- /dev/null
+++ b/net-misc/stunnel/files/stunnel.tmpfiles.conf
@@ -0,0 +1 @@
+d /run/stunnel 0770 stunnel stunnel - |
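Review bot: The `# Authentication stuff` block in stunnel.conf ships with `verify` commented out and nothing says what that leaves in effect. As far as I know stunnel does not check the peer certificate unless `verify` is set, so a client-mode service built from this sample would accept any server certificate. I would add a comment above `#verify = 2` such as `# Without verify and a CAfile/CApath the peer certificate is NOT checked`. The same block could note that `cert`/`key` pointing at one shared `stunnel.pem` means that file holds the private key and must not be world-readable.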
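Review bot: The owner and mode given for `/run/stunnel` in stunnel.tmpfiles.conf (0770 stunnel:stunnel) disagree with the init script added in this same commit, which sets the directory to 0775 root:stunnel and then, for the default pid path, to 0755 stunnel:stunnel. Which permissions the directory ends up with therefore depends on which mechanism ran last. Since stop() in the init script reads the pidfile from this directory as root, it is worth settling on one owner/mode deliberately and recording it here with a comment such as `# keep in sync with checkpath calls in files/stunnel`.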