aboutsummaryrefslogtreecommitdiff
path: root/manifests
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2013-01-22 18:11:54 -0200
committerSilvio Rhatto <rhatto@riseup.net>2013-01-22 18:11:54 -0200
commit40c517b334bd99fec985959f97e48c775ae6da3a (patch)
treee501f0cceb8effed2ec3ca1769b07bcf744291dc /manifests
parent0f8e1addb8b7e45577221a34cedb8389500eab28 (diff)
downloadpuppet-nodo-40c517b334bd99fec985959f97e48c775ae6da3a.tar.gz
puppet-nodo-40c517b334bd99fec985959f97e48c775ae6da3a.tar.bz2
Moving all sshd declarations to nodo class
Diffstat (limited to 'manifests')
-rw-r--r--manifests/host.pp20
-rw-r--r--manifests/nodo.pp28
-rw-r--r--manifests/plug.pp11
-rw-r--r--manifests/vserver.pp11
4 files changed, 21 insertions, 49 deletions
diff --git a/manifests/host.pp b/manifests/host.pp
index 2762e91..9464e96 100644
--- a/manifests/host.pp
+++ b/manifests/host.pp
@@ -31,26 +31,6 @@ class nodo::host inherits nodo {
default: { include ntpdate }
}
- # SSH Server
- #
- # We need to restrict listen address so multiple instances
- # can live together in the same physical host.
- #
- case $sshd_listen_address {
- '': { $sshd_listen_address = [ "$ipaddress", '127.0.0.1' ] }
- }
-
- class { 'sshd':
- listen_address => $sshd_listen_address,
- password_authentication => $sshd_password_authentication,
- shared_ip => $sshd_shared_ip,
- tcp_forwarding => $sshd_tcp_forwarding,
- hardened_ssl => $sshd_hardened_ssl,
- print_motd => $sshd_print_motd,
- ports => $sshd_ports,
- use_pam => $sshd_use_pam,
- }
-
backupninja::sys { "sys":
ensure => present,
}
diff --git a/manifests/nodo.pp b/manifests/nodo.pp
index 873c075..8d746d0 100644
--- a/manifests/nodo.pp
+++ b/manifests/nodo.pp
@@ -40,12 +40,6 @@ class nodo {
# Apt configuration
if $use_apt != false {
- # TODO: remove this in the future after all old nodes
- # have applied the catalog.
- file { '/etc/apt/sources.list.d/debian-backports.list':
- ensure => absent,
- }
-
class { 'apt':
include_src => hiera('nodo::apt_include_src', false),
use_next_release => hiera('nodo::apt_use_next_release', false),
@@ -85,6 +79,26 @@ class nodo {
$sshd_hardened_ssl = "yes"
$sshd_print_motd = "yes"
+ # SSH Server
+ #
+ # We need to restrict listen address so multiple instances
+ # can live together in the same physical host.
+ #
+ case $sshd_listen_address {
+ '': { $sshd_listen_address = [ "$ipaddress", '127.0.0.1' ] }
+ }
+
+ class { 'sshd':
+ listen_address => $sshd_listen_address,
+ password_authentication => $sshd_password_authentication,
+ shared_ip => $sshd_shared_ip,
+ tcp_forwarding => $sshd_tcp_forwarding,
+ hardened_ssl => $sshd_hardened_ssl,
+ print_motd => $sshd_print_motd,
+ ports => $sshd_ports,
+ use_pam => $sshd_use_pam,
+ }
+
file { "/etc/hostname":
owner => "root",
group => "root",
@@ -94,7 +108,7 @@ class nodo {
}
file { "/etc/rc.local":
- source => "puppet://$server/modules/nodo/etc/rc.local",
+ source => "puppet:///modules/nodo/etc/rc.local",
owner => "root",
group => "root",
mode => 0755,
diff --git a/manifests/plug.pp b/manifests/plug.pp
index 913ab6b..58aa844 100644
--- a/manifests/plug.pp
+++ b/manifests/plug.pp
@@ -7,17 +7,6 @@ class nodo::plug inherits nodo {
include resolver
include monkeysphere_nodo
- class { 'sshd':
- listen_address => $sshd_listen_address,
- password_authentication => $sshd_password_authentication,
- shared_ip => $sshd_shared_ip,
- tcp_forwarding => $sshd_tcp_forwarding,
- hardened_ssl => $sshd_hardened_ssl,
- print_motd => $sshd_print_motd,
- ports => $sshd_ports,
- use_pam => $sshd_use_pam,
- }
-
backupninja::sys { "sys":
ensure => present,
}
diff --git a/manifests/vserver.pp b/manifests/vserver.pp
index 0e61750..9feb030 100644
--- a/manifests/vserver.pp
+++ b/manifests/vserver.pp
@@ -3,17 +3,6 @@ class nodo::vserver inherits nodo {
class { 'syslog-ng::vserver': }
- class { 'sshd':
- listen_address => $sshd_listen_address,
- password_authentication => $sshd_password_authentication,
- shared_ip => $sshd_shared_ip,
- tcp_forwarding => $sshd_tcp_forwarding,
- hardened_ssl => $sshd_hardened_ssl,
- print_motd => $sshd_print_motd,
- ports => $sshd_ports,
- use_pam => $sshd_use_pam,
- }
-
backupninja::sys { "sys":
ensure => present,
partitions => false,