diff options
-rw-r--r-- | manifests/base.pp | 18 | ||||
-rw-r--r-- | manifests/client/base.pp | 5 | ||||
-rw-r--r-- | manifests/init.pp | 3 |
3 files changed, 19 insertions, 7 deletions
diff --git a/manifests/base.pp b/manifests/base.pp index 2ac2385..76203ee 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -14,14 +14,20 @@ class sshd::base { '': { info("no sshrsakey on $fqdn") } default: { @@sshkey{"$hostname.$domain": - type => ssh-rsa, - key => $sshrsakey_key, + tag => "fqdn", + type => ssh-rsa, + key => $sshrsakey_key, ensure => present, } - @@sshkey{"$ipaddress": - type => ssh-rsa, - key => $sshrsakey, - ensure => present, + # In case the node has an internal network address, + # we don't define a sshkey resource using an IP address + if $sshd_internal_ip == "no" { + @@sshkey{"$ipaddress": + tag => "ipaddress", + type => ssh-rsa, + key => $sshrsakey, + ensure => present, + } } } } diff --git a/manifests/client/base.pp b/manifests/client/base.pp index 33d9f9e..b1dc99d 100644 --- a/manifests/client/base.pp +++ b/manifests/client/base.pp @@ -5,5 +5,8 @@ class sshd::client::base { } # Now collect all server keys - Sshkey <<||>> + case $sshd_internal_ip { + no: { Sshkey <<||>> } + yes: { Sshkey <<| tag == "fqdn" |>> } + } } diff --git a/manifests/init.pp b/manifests/init.pp index ba48b8c..4bfeb3b 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -214,6 +214,9 @@ class sshd { case $sshd_print_motd { '': { $sshd_print_motd = "yes" } } + case $sshd_internal_ip { + '': { $sshd_internal_ip = "no" } + } include sshd::client |