aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorvarac <varacanero@zeromail.org>2015-11-09 10:22:58 +0100
committervarac <varacanero@zeromail.org>2015-11-09 10:22:58 +0100
commitfe92ce01fabe2d1b6a966d119e24c07cd164b776 (patch)
tree0901bbc2648f488ed7ff0da0f5d40bbfeafc4437
parentb3e81589eec604768e08ed56ce5ca42a4b33db89 (diff)
downloadpuppet-sshd-fe92ce01fabe2d1b6a966d119e24c07cd164b776.tar.gz
puppet-sshd-fe92ce01fabe2d1b6a966d119e24c07cd164b776.tar.bz2
[feat] Optinally disable exported resources
If run masterless, we cannot export resources, so we move them to an own class. Including it can be disabled by passing "use_storedconfig" to the sshd class.
-rw-r--r--manifests/base.pp18
-rw-r--r--manifests/init.pp3
-rw-r--r--manifests/sshkey.pp21
3 files changed, 26 insertions, 16 deletions
diff --git a/manifests/base.pp b/manifests/base.pp
index 6dddedf..abd4fb8 100644
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -25,21 +25,9 @@ class sshd::base {
case $::sshrsakey {
'': { info("no sshrsakey on ${::fqdn}") }
default: {
- @@sshkey{$::fqdn:
- ensure => present,
- tag => 'fqdn',
- type => ssh-rsa,
- key => $::sshrsakey,
- }
- # In case the node has uses a shared network address,
- # we don't define a sshkey resource using an IP address
- if $sshd::shared_ip == 'no' {
- @@sshkey{$sshd::sshkey_ipaddress:
- ensure => present,
- tag => 'ipaddress',
- type => ssh-rsa,
- key => $::sshrsakey,
- }
+ # only export sshkey when storedconfigs is enabled
+ if $::sshd::use_storedconfigs {
+ include ::ssh::sshkey
}
}
}
diff --git a/manifests/init.pp b/manifests/init.pp
index 2dfc71c..b415741 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -52,7 +52,8 @@ class sshd(
$hostkey_type = versioncmp($::ssh_version, '6.5') ? {
/(^1|0)/ => [ 'rsa', 'ed25519' ],
/-1/ => [ 'rsa', 'dsa' ]
- }
+ },
+ $use_storedconfigs = true
) {
validate_bool($manage_shorewall)
diff --git a/manifests/sshkey.pp b/manifests/sshkey.pp
new file mode 100644
index 0000000..df37a66
--- /dev/null
+++ b/manifests/sshkey.pp
@@ -0,0 +1,21 @@
+# deploys the
+class sshd::sshkey {
+
+ @@sshkey{$::fqdn:
+ ensure => present,
+ tag => 'fqdn',
+ type => 'ssh-rsa',
+ key => $::sshrsakey,
+ }
+
+ # In case the node has uses a shared network address,
+ # we don't define a sshkey resource using an IP address
+ if $sshd::shared_ip == 'no' {
+ @@sshkey{$::sshd::sshkey_ipaddress:
+ ensure => present,
+ tag => 'ipaddress',
+ type => 'ssh-rsa',
+ key => $::sshrsakey,
+ }
+ }
+}