diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2013-01-22 18:11:54 -0200 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2013-01-22 18:11:54 -0200 |
commit | 40c517b334bd99fec985959f97e48c775ae6da3a (patch) | |
tree | e501f0cceb8effed2ec3ca1769b07bcf744291dc /manifests | |
parent | 0f8e1addb8b7e45577221a34cedb8389500eab28 (diff) | |
download | puppet-nodo-40c517b334bd99fec985959f97e48c775ae6da3a.tar.gz puppet-nodo-40c517b334bd99fec985959f97e48c775ae6da3a.tar.bz2 |
Moving all sshd declarations to nodo class
Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/host.pp | 20 | ||||
-rw-r--r-- | manifests/nodo.pp | 28 | ||||
-rw-r--r-- | manifests/plug.pp | 11 | ||||
-rw-r--r-- | manifests/vserver.pp | 11 |
4 files changed, 21 insertions, 49 deletions
diff --git a/manifests/host.pp b/manifests/host.pp index 2762e91..9464e96 100644 --- a/manifests/host.pp +++ b/manifests/host.pp @@ -31,26 +31,6 @@ class nodo::host inherits nodo { default: { include ntpdate } } - # SSH Server - # - # We need to restrict listen address so multiple instances - # can live together in the same physical host. - # - case $sshd_listen_address { - '': { $sshd_listen_address = [ "$ipaddress", '127.0.0.1' ] } - } - - class { 'sshd': - listen_address => $sshd_listen_address, - password_authentication => $sshd_password_authentication, - shared_ip => $sshd_shared_ip, - tcp_forwarding => $sshd_tcp_forwarding, - hardened_ssl => $sshd_hardened_ssl, - print_motd => $sshd_print_motd, - ports => $sshd_ports, - use_pam => $sshd_use_pam, - } - backupninja::sys { "sys": ensure => present, } diff --git a/manifests/nodo.pp b/manifests/nodo.pp index 873c075..8d746d0 100644 --- a/manifests/nodo.pp +++ b/manifests/nodo.pp @@ -40,12 +40,6 @@ class nodo { # Apt configuration if $use_apt != false { - # TODO: remove this in the future after all old nodes - # have applied the catalog. - file { '/etc/apt/sources.list.d/debian-backports.list': - ensure => absent, - } - class { 'apt': include_src => hiera('nodo::apt_include_src', false), use_next_release => hiera('nodo::apt_use_next_release', false), @@ -85,6 +79,26 @@ class nodo { $sshd_hardened_ssl = "yes" $sshd_print_motd = "yes" + # SSH Server + # + # We need to restrict listen address so multiple instances + # can live together in the same physical host. + # + case $sshd_listen_address { + '': { $sshd_listen_address = [ "$ipaddress", '127.0.0.1' ] } + } + + class { 'sshd': + listen_address => $sshd_listen_address, + password_authentication => $sshd_password_authentication, + shared_ip => $sshd_shared_ip, + tcp_forwarding => $sshd_tcp_forwarding, + hardened_ssl => $sshd_hardened_ssl, + print_motd => $sshd_print_motd, + ports => $sshd_ports, + use_pam => $sshd_use_pam, + } + file { "/etc/hostname": owner => "root", group => "root", @@ -94,7 +108,7 @@ class nodo { } file { "/etc/rc.local": - source => "puppet://$server/modules/nodo/etc/rc.local", + source => "puppet:///modules/nodo/etc/rc.local", owner => "root", group => "root", mode => 0755, diff --git a/manifests/plug.pp b/manifests/plug.pp index 913ab6b..58aa844 100644 --- a/manifests/plug.pp +++ b/manifests/plug.pp @@ -7,17 +7,6 @@ class nodo::plug inherits nodo { include resolver include monkeysphere_nodo - class { 'sshd': - listen_address => $sshd_listen_address, - password_authentication => $sshd_password_authentication, - shared_ip => $sshd_shared_ip, - tcp_forwarding => $sshd_tcp_forwarding, - hardened_ssl => $sshd_hardened_ssl, - print_motd => $sshd_print_motd, - ports => $sshd_ports, - use_pam => $sshd_use_pam, - } - backupninja::sys { "sys": ensure => present, } diff --git a/manifests/vserver.pp b/manifests/vserver.pp index 0e61750..9feb030 100644 --- a/manifests/vserver.pp +++ b/manifests/vserver.pp @@ -3,17 +3,6 @@ class nodo::vserver inherits nodo { class { 'syslog-ng::vserver': } - class { 'sshd': - listen_address => $sshd_listen_address, - password_authentication => $sshd_password_authentication, - shared_ip => $sshd_shared_ip, - tcp_forwarding => $sshd_tcp_forwarding, - hardened_ssl => $sshd_hardened_ssl, - print_motd => $sshd_print_motd, - ports => $sshd_ports, - use_pam => $sshd_use_pam, - } - backupninja::sys { "sys": ensure => present, partitions => false, |