From 26e4ac53a93c61fad4c07c44009cd180e4196d36 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 26 Sep 2008 18:23:25 -0400 Subject: add sshd_port variable enabling you to set a different port for sshd, default is 22 --- manifests/init.pp | 8 +++++++- templates/sshd_config/CentOS_normal.erb | 7 ++++++- templates/sshd_config/Debian_normal.erb | 8 +++++++- templates/sshd_config/Gentoo_normal.erb | 7 ++++++- templates/sshd_config/OpenBSD_normal.erb | 7 ++++++- 5 files changed, 32 insertions(+), 5 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index e48524d..c2f318c 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -80,7 +80,9 @@ # sshd_permit_empty_passwords: If you want enable PermitEmptyPasswords to allow empty passwords # Valid Values: yes or no # Default: no - +# +# sshd_port: If you want to specify a different port than the default 22 +# Default: 22 class sshd { include sshd::client @@ -159,6 +161,10 @@ class sshd::base { '' => 'no', default => $sshd_permit_empty_passwords } + $real_sshd_port = $sshd_port ? { + '' => 22, + default => $sshd_port + } file { 'sshd_config': path => '/etc/ssh/sshd_config', diff --git a/templates/sshd_config/CentOS_normal.erb b/templates/sshd_config/CentOS_normal.erb index a0ec786..3217b4e 100644 --- a/templates/sshd_config/CentOS_normal.erb +++ b/templates/sshd_config/CentOS_normal.erb @@ -10,7 +10,12 @@ # possible, but leave them commented. Uncommented options change a # default value. -#Port 22 +<%- unless real_sshd_port.to_s.empty? then %> +Port <%= real_sshd_port %> +<%- else %> +Port 22 +<%- end %> + #Protocol 2,1 Protocol 2 #AddressFamily any diff --git a/templates/sshd_config/Debian_normal.erb b/templates/sshd_config/Debian_normal.erb index f6a2a81..7cdb5f2 100644 --- a/templates/sshd_config/Debian_normal.erb +++ b/templates/sshd_config/Debian_normal.erb 
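Review bot: `$real_sshd_port` in sshd::base is assigned from `$sshd_port` with no check that the value is a whole number between 1 and 65535. The templates in this commit print it directly after `Port`, so a typo yields an sshd_config that sshd rejects, and a string containing a newline would add further directives to the file. On a host managed only over SSH, either outcome can cost remote access. The check may be easier to place in the templates than in the manifest; at minimum the header comment added in the first hunk should state the constraint the way its neighbours do, e.g. `#    Valid Values: an integer from 1 to 65535`. The body of sshd::base continues outside the hunk.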
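Review bot: The `else` branch of the new `unless real_sshd_port.to_s.empty?` block looks unreachable, because sshd::base already sets `real_sshd_port` to 22 when `$sshd_port` is empty, so the default now lives in two places. Assuming no other class renders these templates, the five lines reduce to `Port <%= real_sshd_port %>`; the same block is repeated in the Debian, Gentoo and OpenBSD templates. If the value is to be checked at render time, a guard placed ahead of it, such as `<% raise ArgumentError, "sshd_port must be 1-65535" unless real_sshd_port.to_s =~ /\A[0-9]{1,5}\z/ && (1..65535).include?(real_sshd_port.to_i) %>`, stops a malformed value from reaching the rendered sshd_config.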
@@ -2,7 +2,13 @@ # See the sshd(8) manpage for defails # What ports, IPs and protocols we listen for -# Port 22 + +<%- unless real_sshd_port.to_s.empty? then %> +Port <%= real_sshd_port %> +<%- else %> +Port 22 +<%- end %> + # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 diff --git a/templates/sshd_config/Gentoo_normal.erb b/templates/sshd_config/Gentoo_normal.erb index ca6b90a..c8e2ee1 100644 --- a/templates/sshd_config/Gentoo_normal.erb +++ b/templates/sshd_config/Gentoo_normal.erb @@ -10,7 +10,12 @@ # possible, but leave them commented. Uncommented options change a # default value. -#Port 22 +<%- unless real_sshd_port.to_s.empty? then %> +Port <%= real_sshd_port %> +<%- else %> +Port 22 +<%- end %> + #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: diff --git a/templates/sshd_config/OpenBSD_normal.erb b/templates/sshd_config/OpenBSD_normal.erb index 96d8bbd..139613a 100644 --- a/templates/sshd_config/OpenBSD_normal.erb +++ b/templates/sshd_config/OpenBSD_normal.erb @@ -8,7 +8,12 @@ # possible, but leave them commented. Uncommented options change a # default value. -#Port 22 +<%- unless real_sshd_port.to_s.empty? then %> +Port <%= real_sshd_port %> +<%- else %> +Port 22 +<%- end %> + #Protocol 2,1 #AddressFamily any #ListenAddress 0.0.0.0 -- cgit v1.2.3