diff options
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/base.pp | 6 | ||||
| -rw-r--r-- | manifests/client/base.pp | 7 | ||||
| -rw-r--r-- | manifests/debian.pp | 12 | ||||
| -rw-r--r-- | manifests/init.pp | 12 | ||||
| -rw-r--r-- | manifests/openbsd.pp | 8 |
5 files changed, 24 insertions, 21 deletions
diff --git a/manifests/base.pp b/manifests/base.pp index ef066e0..813745c 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -1,3 +1,6 @@ +# The base class to setup the common things. +# This is a private class and will always be used +# throught the sshd class itself. class sshd::base { $sshd_config_content = $::lsbdistcodename ? { @@ -6,6 +9,7 @@ class sshd::base { } file { 'sshd_config': + ensure => present, path => '/etc/ssh/sshd_config', content => $sshd_config_content, notify => Service[sshd], @@ -27,7 +31,7 @@ class sshd::base { # In case the node has uses a shared network address, # we don't define a sshkey resource using an IP address if $sshd::shared_ip == 'no' { - @@sshkey{$::ipaddress: + @@sshkey{$sshd::sshkey_ipaddress: ensure => present, tag => 'ipaddress', type => ssh-rsa, diff --git a/manifests/client/base.pp b/manifests/client/base.pp index 6687d65..4925c2d 100644 --- a/manifests/client/base.pp +++ b/manifests/client/base.pp @@ -1,9 +1,10 @@ class sshd::client::base { # this is needed because the gid might have changed file { '/etc/ssh/ssh_known_hosts': - mode => '0644', - owner => root, - group => 0; + ensure => present, + mode => '0644', + owner => root, + group => 0; } # Now collect all server keys diff --git a/manifests/debian.pp b/manifests/debian.pp index ced5db7..d827078 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -1,21 +1,13 @@ class sshd::debian inherits sshd::linux { - # the templates for Debian need lsbdistcodename - require lsb - Package[openssh]{ name => 'openssh-server', } - $sshd_restartandstatus = $::lsbdistcodename ? { - etch => false, - default => true - } - Service[sshd]{ name => 'ssh', pattern => 'sshd', - hasstatus => $sshd_restartandstatus, - hasrestart => $sshd_restartandstatus, + hasstatus => true, + hasrestart => true, } } diff --git a/manifests/init.pp b/manifests/init.pp index c85d3d6..d005d60 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,5 +1,5 @@ class sshd( - $manage_nagios = true, + $manage_nagios = false, $nagios_check_ssh_hostname = 'absent', $ports = [ 22 ], $shared_ip = 'no', @@ -34,13 +34,19 @@ class sshd( $print_motd = 'yes', $manage_shorewall = false, $shorewall_source = 'net', + $sshkey_ipaddress = $::ipaddress, $manage_client = true, ) { + validate_bool($manage_shorewall) + validate_bool($manage_client) + validate_array($listen_address) + validate_array($ports) + if $manage_client { class{'sshd::client': - shared_ip => $sshd::shared_ip, - ensure_version => $sshd::ensure_version, + shared_ip => $shared_ip, + ensure_version => $ensure_version, manage_shorewall => $manage_shorewall, } } diff --git a/manifests/openbsd.pp b/manifests/openbsd.pp index 1ad37cc..cb6dbba 100644 --- a/manifests/openbsd.pp +++ b/manifests/openbsd.pp @@ -1,8 +1,8 @@ class sshd::openbsd inherits sshd::base { Service[sshd]{ - restart => '/bin/kill -HUP `/bin/cat /var/run/sshd.pid`', - stop => '/bin/kill `/bin/cat /var/run/sshd.pid`', - start => '/usr/sbin/sshd', - hasstatus => false, + restart => '/bin/kill -HUP `/bin/cat /var/run/sshd.pid`', + stop => '/bin/kill `/bin/cat /var/run/sshd.pid`', + start => '/usr/sbin/sshd', + status => '/usr/bin/pgrep -f /usr/sbin/sshd', } } |