stunnel logfile is empty about puppet-stunnel HOT 4 CLOSED

Aaron,

I did a bit more experimenting by modifying the raw mysql_stunnel.conf file directly rather than through Puppet.

The reason why the log file is empty is because the generated .conf file contained the line:

debug = 0

which effectively told stunnel never to write anything in the log file.
A better debug setting is

debug = 5

which seems to log stunnel going up and down and errors and such without too
much noise.

See https://www.stunnel.org/static/stunnel.html for documentation of the debug parameter.

I also find out that if you do not specify a path for the logfile:

output = mysql_stunnel.log

then the logfile appears in

/etc/stunnel/conf.d/mysql_stunnel.log (i.e. the same directory as the configuration file).

Recommendation: arusso/puppet-stunnel should set the debug parameter to 5 (or 6).
For bonus points, add it as a parameter too. For extra bonus points, add the output
parameter as a parameter too.

Ross

from puppet-stunnel.

I just tried putting a debug line in the Puppet config file

stunnel::tun { 'mysql_stunnel':
...
debug => '5',
...}

and it worked fine, turning up in the .conf file as:

debug = 5

I just tried to specify:

 output  => '/var/log/stunnel/mysql_stunnel.log',  # The stunnel log file.

and Puppet gave an error. So it seems that debug is implemented as a parameter, but output isn't.

Recommendation 1: Set the debug parameter to default to 5.

Recommendation 2: Document the debug parameter and say where the logfile is going to appear.
Ross

from puppet-stunnel.

Re 1: Looks like the stunnel default is 5, so that makes sense.

Re 2: Sounds reasonable. I'll also add the output parameter as well

from puppet-stunnel.

I have tested the debug argument and it works.
I have tested the output parameter and it works.

Thanks very much for these improvements,

Ross Williams

from puppet-stunnel.