diff options
| author | Micah Anderson <micah@riseup.net> | 2008-09-26 18:23:25 -0400 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2008-09-26 18:23:25 -0400 |
| commit | 26e4ac53a93c61fad4c07c44009cd180e4196d36 (patch) | |
| tree | fd279e2498af12c00fa1f59d32306f193f3e0860 | |
| parent | e525f18d129ac3b9adc8e6df89c9e5e48367439c (diff) | |
| download | puppet-sshd-26e4ac53a93c61fad4c07c44009cd180e4196d36.tar.gz puppet-sshd-26e4ac53a93c61fad4c07c44009cd180e4196d36.tar.bz2 | |
add sshd_port variable enabling you to set a different port for sshd, default is 22
| -rw-r--r-- | manifests/init.pp | 8 | ||||
| -rw-r--r-- | templates/sshd_config/CentOS_normal.erb | 7 | ||||
| -rw-r--r-- | templates/sshd_config/Debian_normal.erb | 8 | ||||
| -rw-r--r-- | templates/sshd_config/Gentoo_normal.erb | 7 | ||||
| -rw-r--r-- | templates/sshd_config/OpenBSD_normal.erb | 7 |
5 files changed, 32 insertions, 5 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index e48524d..c2f318c 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -80,7 +80,9 @@ # sshd_permit_empty_passwords: If you want enable PermitEmptyPasswords to allow empty passwords # Valid Values: yes or no # Default: no - +# +# sshd_port: If you want to specify a different port than the default 22 +# Default: 22 class sshd { include sshd::client @@ -159,6 +161,10 @@ class sshd::base { '' => 'no', default => $sshd_permit_empty_passwords } + $real_sshd_port = $sshd_port ? { + '' => 22, + default => $sshd_port + } file { 'sshd_config': path => '/etc/ssh/sshd_config', diff --git a/templates/sshd_config/CentOS_normal.erb b/templates/sshd_config/CentOS_normal.erb index a0ec786..3217b4e 100644 --- a/templates/sshd_config/CentOS_normal.erb +++ b/templates/sshd_config/CentOS_normal.erb @@ -10,7 +10,12 @@ # possible, but leave them commented. Uncommented options change a # default value. -#Port 22 +<%- unless real_sshd_port.to_s.empty? then %> +Port <%= real_sshd_port %> +<%- else %> +Port 22 +<%- end %> + #Protocol 2,1 Protocol 2 #AddressFamily any diff --git a/templates/sshd_config/Debian_normal.erb b/templates/sshd_config/Debian_normal.erb index f6a2a81..7cdb5f2 100644 --- a/templates/sshd_config/Debian_normal.erb +++ b/templates/sshd_config/Debian_normal.erb @@ -2,7 +2,13 @@ # See the sshd(8) manpage for defails # What ports, IPs and protocols we listen for -# Port 22 + +<%- unless real_sshd_port.to_s.empty? then %> +Port <%= real_sshd_port %> +<%- else %> +Port 22 +<%- end %> + # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 diff --git a/templates/sshd_config/Gentoo_normal.erb b/templates/sshd_config/Gentoo_normal.erb index ca6b90a..c8e2ee1 100644 --- a/templates/sshd_config/Gentoo_normal.erb +++ b/templates/sshd_config/Gentoo_normal.erb @@ -10,7 +10,12 @@ # possible, but leave them commented. Uncommented options change a # default value. -#Port 22 +<%- unless real_sshd_port.to_s.empty? then %> +Port <%= real_sshd_port %> +<%- else %> +Port 22 +<%- end %> + #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: diff --git a/templates/sshd_config/OpenBSD_normal.erb b/templates/sshd_config/OpenBSD_normal.erb index 96d8bbd..139613a 100644 --- a/templates/sshd_config/OpenBSD_normal.erb +++ b/templates/sshd_config/OpenBSD_normal.erb @@ -8,7 +8,12 @@ # possible, but leave them commented. Uncommented options change a # default value. -#Port 22 +<%- unless real_sshd_port.to_s.empty? then %> +Port <%= real_sshd_port %> +<%- else %> +Port 22 +<%- end %> + #Protocol 2,1 #AddressFamily any #ListenAddress 0.0.0.0 |