aboutsummaryrefslogtreecommitdiff
path: root/manifests/init.pp
AgeCommit message (Collapse)Author
2014-01-27validate parametersTomas Barton
2013-05-29Nagios disabled by defaultYoann Laissus
2013-02-03style fixesMichael Moll
silence puppet-lint
2012-06-13migrate away from hiera stuffmh
2012-06-05new style for 2.7mh
2011-07-21Adding PrintMotd parameter to all templates and setting per-distro default valueSilvio Rhatto
2011-07-16Clean out $ssh_use_strong_ciphersGabriel Filion
A tentative option from rhatto using the variable named $ssh_use_strong_ciphers still has two lines in init.pp Since the same functionality is provided by the variable $ssh_hardened_ssl that was merged in the shared repository, rhatto removed his feature. But there are still two lines left, so simply remove them. Signed-off-by: Gabriel Filion <lelutin@gmail.com>
2011-07-13Merge branch 'master' of git://labs.riseup.net/shared-sshdSilvio Rhatto
2011-06-21Merge remote-tracking branch 'lelutin/freebsd'Micah Anderson
2011-06-21New opt-in support to only use strong SSL ciphers and MACs.intrigeri
The new configuration variable is $sshd_hardened_ssl. Settings were stolen from https://github.com/ioerror/duraconf.git.
2011-02-23Changing parameter name sshd_perfect_forward_secrecy to ↵Silvio Rhatto
sshd_use_strong_ciphers as sshd already does PFS
2011-02-19Merge branch 'master' of git://labs.riseup.net/shared-sshdSilvio Rhatto
Conflicts: templates/sshd_config/Debian_squeeze.erb
2011-02-19Pull together a more comprehensive README, moving the configurable variables ↵Micah Anderson
from init.pp into the README, and detailing the other features, and requirements, of the module
2011-02-14Merge remote branch 'shared/master'intrigeri
Conflicts: templates/sshd_config/Debian_squeeze.erb I always picked the shared repository version when conflicts arose. The only exception to this rule was: I kept my branch's "HostbasedUsesNameFromPacketOnly yes" in order to be consistent with existing Etch and Lenny templates. This is not the default Debian setting, but I would find it weird if a host had this setting changed by Puppet after upgrading to Squeeze. The right way to proceed would probably be to make this configurable.
2011-02-13Merge branch 'master' of git://labs.riseup.net/shared-sshdSilvio Rhatto
2011-01-30Fix inclusion for default osGabriel Filion
When the os of a client is not one of those that use a specialized class, (e.g. FreeBSD) the inclusion is currently broken: it tries to include sshd::default which does not exist. Change this to include sshd::base instead. Signed-off-by: Gabriel Filion <lelutin@gmail.com>
2010-12-16Introducing perfect forward secrecy for SSHSilvio Rhatto
2010-12-15remote KerberosGetAFSToken, its actually not a functional configuration ↵Micah Anderson
option, even though it is listed in the man page, and commented out in the default config file. I filed a bug with debian (#607238)
2010-12-14add Debian Squeeze sshd template. Enabled kerberos and gssapi options, using ↵Micah Anderson
the defaults when not specified
2010-10-20use parametrized class to pass ssh_ports to open up thingsmh
2010-10-20add nagios_check_ssh_hostname to tweak the hostname which whould be ↵mh
monitored, as this one might actually differ
2010-10-20move define to own classmh
2010-10-18Bugfixintrigeri
2010-10-16bugfixintrigeri
2010-10-16bugfixintrigeri
2010-10-16New option sshd_ports that obsoletes sshd_port.intrigeri
Backward compatibility is preserved.
2010-02-25Merge branch 'master' of git://labs.riseup.net/module_sshdSilvio Rhatto
2010-02-21update nagios check_command to check ssh port. it was using ssh_port, it ↵Micah Anderson
should be 'check_ssh_port'
2010-01-30Renaming $sshd_internal_ip to $sshd_shared_ipSilvio Rhatto
2009-12-28Merge branch 'master' of git://labs.riseup.net/module_sshdSilvio Rhatto
2009-12-27Merge remote branch 'lavamind/master'Micah Anderson
2009-12-27Introducing sshd_internal_ip variableSilvio Rhatto
2009-12-27PrintMotd using default OpenSSH settingSilvio Rhatto
2009-12-21update comments to include information about how to use the nagiosMicah Anderson
checks and the pre-requirements
2009-12-19fix the comments section so that the include isn't misleading. if youMicah Anderson
use 'include sshd::debian', then none of the variables are set, and you will fail to parse the templates
2009-12-18remove fqdn from nagios service description (hostname is used in the ↵Jerome Charaoui
internal nagios_service name)
2009-12-11false != 'false'mh
2009-12-10re-add shorewall in rule :/mh
2009-12-10merged with riseup module, various cleaning upmh
2009-12-07better set the variables in the initmh
2009-12-07factor everything into its own filemh
2009-12-07do not quote default!mh
2009-12-07try if setting a target fixes the problemmh
2009-12-07changed target behaviourmh
2009-12-07adjusted to new usage of booleansmh
2009-12-07adjusted to new usage of booleansmh
2009-10-01Revert "fix missing curly brace" -- this was actually correctMicah Anderson
This reverts commit d4fba70a51eeb253b0155f378ce7735df9479cd4.
2009-09-29fix missing curly braceMicah Anderson
2009-07-09fix previous change which took the client/server packages out of the linux classMicah Anderson
and instead allow for a version change through an if variable. thanks ng!
2009-07-07the sshd::linux class cannot also define the openssh packageMicah Anderson
if we are to have the possibility of potentially overriding the version number it must be done in the base class