Forge Home


A module for creating secure tunnels


21,954 latest version

1.9 quality score

Version information

  • 0.3.0 (latest)
  • 0.2.0
  • 0.1.0
  • 0.0.1
released May 5th 2017
This version is compatible with:
  • Puppet Enterprise 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 3.0.0 < 5.0.0

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'puppetlabs-stunnel', '0.3.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add puppetlabs-stunnel
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install puppetlabs-stunnel --version 0.3.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



puppetlabs/stunnel — version 0.3.0 May 5th 2017


Provides a defined resource type for managing stunnel on Debian and Red Hat systems.


   stunnel::tun { 'rsyncd':
     certificate => "/etc/puppet/ssl/certs/${::clientcert}.pem",
     private_key => "/etc/puppet/ssl/private_keys/${::clientcert}.pem",
     ca_file     => '/etc/puppet/ssl/certs/ca.pem',
     crl_file    => '/etc/puppet/ssl/crl.pem',
     chroot      => '/var/lib/stunnel4/rsyncd',
     user        => 'pe-puppet',
     group       => 'pe-puppet',
     client      => false,
     accept      => '1873',
     connect     => '873',


  • There is no sysvinit script installed as part of the stunnel package on Red Hat systems.
  • Use of SSLv2 is highly discouraged because it's known to be vulnerable.
  • The chroot defined in stunnel::tun needs to be manually created.