diff options
author | Micah <micah@riseup.net> | 2015-11-09 15:05:48 +0000 |
---|---|---|
committer | Micah <micah@riseup.net> | 2015-11-09 15:05:48 +0000 |
commit | c2fd1a769e81284cc004f0192d38d5635b5c85e5 (patch) | |
tree | 0901bbc2648f488ed7ff0da0f5d40bbfeafc4437 /manifests | |
parent | b3e81589eec604768e08ed56ce5ca42a4b33db89 (diff) | |
parent | fe92ce01fabe2d1b6a966d119e24c07cd164b776 (diff) | |
download | puppet-sshd-c2fd1a769e81284cc004f0192d38d5635b5c85e5.tar.gz puppet-sshd-c2fd1a769e81284cc004f0192d38d5635b5c85e5.tar.bz2 |
Merge branch 'disable_stored_config' into 'master'
[feat] Optinally disable exported resources
If run masterless, we cannot export resources, so
we move them to an own class. Including it can be
disabled by passing "use_storedconfig" to the sshd
class.
See merge request !21
Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/base.pp | 18 | ||||
-rw-r--r-- | manifests/init.pp | 3 | ||||
-rw-r--r-- | manifests/sshkey.pp | 21 |
3 files changed, 26 insertions, 16 deletions
diff --git a/manifests/base.pp b/manifests/base.pp index 6dddedf..abd4fb8 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -25,21 +25,9 @@ class sshd::base { case $::sshrsakey { '': { info("no sshrsakey on ${::fqdn}") } default: { - @@sshkey{$::fqdn: - ensure => present, - tag => 'fqdn', - type => ssh-rsa, - key => $::sshrsakey, - } - # In case the node has uses a shared network address, - # we don't define a sshkey resource using an IP address - if $sshd::shared_ip == 'no' { - @@sshkey{$sshd::sshkey_ipaddress: - ensure => present, - tag => 'ipaddress', - type => ssh-rsa, - key => $::sshrsakey, - } + # only export sshkey when storedconfigs is enabled + if $::sshd::use_storedconfigs { + include ::ssh::sshkey } } } diff --git a/manifests/init.pp b/manifests/init.pp index 2dfc71c..b415741 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -52,7 +52,8 @@ class sshd( $hostkey_type = versioncmp($::ssh_version, '6.5') ? { /(^1|0)/ => [ 'rsa', 'ed25519' ], /-1/ => [ 'rsa', 'dsa' ] - } + }, + $use_storedconfigs = true ) { validate_bool($manage_shorewall) diff --git a/manifests/sshkey.pp b/manifests/sshkey.pp new file mode 100644 index 0000000..df37a66 --- /dev/null +++ b/manifests/sshkey.pp @@ -0,0 +1,21 @@ +# deploys the +class sshd::sshkey { + + @@sshkey{$::fqdn: + ensure => present, + tag => 'fqdn', + type => 'ssh-rsa', + key => $::sshrsakey, + } + + # In case the node has uses a shared network address, + # we don't define a sshkey resource using an IP address + if $sshd::shared_ip == 'no' { + @@sshkey{$::sshd::sshkey_ipaddress: + ensure => present, + tag => 'ipaddress', + type => 'ssh-rsa', + key => $::sshrsakey, + } + } +} |