Add manifests to install and configure stunnel

Some services (such as Redis) can't use mod_proxy as a TLS proxy, since they're not HTTP services. So stunnel is necessary for these. Thus, we add manifests to configure it as such. bp tls-via-certmonger Change-Id: Ic4a2dac7b3831e4780105e3b05e9c5afcf15c79c (cherry picked from commit f85199c77826017e383534051ada57ef1ea4ddcc)
author: Juan Antonio Osorio Robles <jaosorior@redhat.com> 2017-08-24 13:21:11 +0000
committer: Juan Antonio Osorio Robles <jaosorior@redhat.com> 2017-08-31 14:10:30 +0000
commit: f130e6c8c0b4dd6b4e59ded722445a3864333057 (patch)
tree: ec32580969ea11fcbc2aaf7773255ef44b3fed4a /files
parent: 0457aa12e65e3d1fa6125da6e609fbd547d1b9d7 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/files/stunnel.service b/files/stunnel.service
new file mode 100644
index 0000000..dce2366
--- /dev/null
+++ b/files/stunnel.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=SSL tunnel for network daemons
+After=network.target
+After=syslog.target
+
+[Install]
+WantedBy=multi-user.target
+Alias=stunnel.target
+
+[Service]
+Type=forking
+ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.conf
+ExecStop=/usr/bin/killall -9 stunnel
+
+# Give up if ping don't get an answer
+TimeoutSec=600
+
+Restart=always
+PrivateTmp=false
author	Juan Antonio Osorio Robles <jaosorior@redhat.com>	2017-08-24 13:21:11 +0000
committer	Juan Antonio Osorio Robles <jaosorior@redhat.com>	2017-08-31 14:10:30 +0000
commit	f130e6c8c0b4dd6b4e59ded722445a3864333057 (patch)
tree	ec32580969ea11fcbc2aaf7773255ef44b3fed4a /files
parent	0457aa12e65e3d1fa6125da6e609fbd547d1b9d7 (diff)