diff options
-rw-r--r-- | manifests/base.pp | 18 | ||||
-rw-r--r-- | manifests/init.pp | 3 | ||||
-rw-r--r-- | manifests/sshkey.pp | 21 |
3 files changed, 26 insertions, 16 deletions
diff --git a/manifests/base.pp b/manifests/base.pp index 6dddedf..dda9f26 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -25,21 +25,9 @@ class sshd::base { case $::sshrsakey { '': { info("no sshrsakey on ${::fqdn}") } default: { - @@sshkey{$::fqdn: - ensure => present, - tag => 'fqdn', - type => ssh-rsa, - key => $::sshrsakey, - } - # In case the node has uses a shared network address, - # we don't define a sshkey resource using an IP address - if $sshd::shared_ip == 'no' { - @@sshkey{$sshd::sshkey_ipaddress: - ensure => present, - tag => 'ipaddress', - type => ssh-rsa, - key => $::sshrsakey, - } + # only export sshkey when storedconfigs is enabled + if $::sshd::use_storedconfigs { + include ::sshd::sshkey } } } diff --git a/manifests/init.pp b/manifests/init.pp index 2dfc71c..b415741 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -52,7 +52,8 @@ class sshd( $hostkey_type = versioncmp($::ssh_version, '6.5') ? { /(^1|0)/ => [ 'rsa', 'ed25519' ], /-1/ => [ 'rsa', 'dsa' ] - } + }, + $use_storedconfigs = true ) { validate_bool($manage_shorewall) diff --git a/manifests/sshkey.pp b/manifests/sshkey.pp new file mode 100644 index 0000000..df37a66 --- /dev/null +++ b/manifests/sshkey.pp @@ -0,0 +1,21 @@ +# deploys the +class sshd::sshkey { + + @@sshkey{$::fqdn: + ensure => present, + tag => 'fqdn', + type => 'ssh-rsa', + key => $::sshrsakey, + } + + # In case the node has uses a shared network address, + # we don't define a sshkey resource using an IP address + if $sshd::shared_ip == 'no' { + @@sshkey{$::sshd::sshkey_ipaddress: + ensure => present, + tag => 'ipaddress', + type => 'ssh-rsa', + key => $::sshrsakey, + } + } +} |