aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--manifests/base.pp18
-rw-r--r--manifests/client/base.pp5
-rw-r--r--manifests/init.pp3
3 files changed, 19 insertions, 7 deletions
diff --git a/manifests/base.pp b/manifests/base.pp
index 2ac2385..76203ee 100644
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -14,14 +14,20 @@ class sshd::base {
'': { info("no sshrsakey on $fqdn") }
default: {
@@sshkey{"$hostname.$domain":
- type => ssh-rsa,
- key => $sshrsakey_key,
+ tag => "fqdn",
+ type => ssh-rsa,
+ key => $sshrsakey_key,
ensure => present,
}
- @@sshkey{"$ipaddress":
- type => ssh-rsa,
- key => $sshrsakey,
- ensure => present,
+ # In case the node has an internal network address,
+ # we don't define a sshkey resource using an IP address
+ if $sshd_internal_ip == "no" {
+ @@sshkey{"$ipaddress":
+ tag => "ipaddress",
+ type => ssh-rsa,
+ key => $sshrsakey,
+ ensure => present,
+ }
}
}
}
diff --git a/manifests/client/base.pp b/manifests/client/base.pp
index 33d9f9e..b1dc99d 100644
--- a/manifests/client/base.pp
+++ b/manifests/client/base.pp
@@ -5,5 +5,8 @@ class sshd::client::base {
}
# Now collect all server keys
- Sshkey <<||>>
+ case $sshd_internal_ip {
+ no: { Sshkey <<||>> }
+ yes: { Sshkey <<| tag == "fqdn" |>> }
+ }
}
diff --git a/manifests/init.pp b/manifests/init.pp
index ba48b8c..4bfeb3b 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -214,6 +214,9 @@ class sshd {
case $sshd_print_motd {
'': { $sshd_print_motd = "yes" }
}
+ case $sshd_internal_ip {
+ '': { $sshd_internal_ip = "no" }
+ }
include sshd::client