diff options
author | Micah Anderson <micah@riseup.net> | 2013-06-28 12:11:32 -0400 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2013-06-30 12:38:03 -0400 |
commit | 3b6f11a60778d5cb3ae265980e4e4870bf065de2 (patch) | |
tree | 669aca1a87364d8381304224d1497c6c963ab77e /puppet/modules/site_sshd/manifests/init.pp | |
parent | e6bd481933bd4104fb7839703c88de971559d3db (diff) |
modularize and standardize site_sshd:
. move the setting of the xterm title to site_config::shell
. change the xterm file resource to use standard source lines, switch to single
quotes, quote mode, and line up parameters
. move the mosh pieces into a site_ssh::mosh class and only include it if the
right mosh variable is enabled, passing into the class the necessary hiera parameters
. lint the site_ssh::mosh resources
. change the authorized_keys class to accept the key parameter which is passed
in from the main ssh class (but allow for out of scope variable lookup when the
tag is passed)
Change-Id: Ieec5a3932de9bad1b98633032b28f88e91e46604
Diffstat (limited to 'puppet/modules/site_sshd/manifests/init.pp')
-rw-r--r-- | puppet/modules/site_sshd/manifests/init.pp | 41 |
1 files changed, 14 insertions, 27 deletions
diff --git a/puppet/modules/site_sshd/manifests/init.pp b/puppet/modules/site_sshd/manifests/init.pp index 714c0c5a..905d5c9b 100644 --- a/puppet/modules/site_sshd/manifests/init.pp +++ b/puppet/modules/site_sshd/manifests/init.pp @@ -1,16 +1,14 @@ class site_sshd { $ssh = hiera_hash('ssh') - $ssh_authorized_keys = $ssh['authorized_keys'] - - include site_sshd::authorized_keys ## - ## XTERM TITLE + ## SETUP AUTHORIZED KEYS ## - file {'/etc/profile.d/xterm-title.sh': - source => "puppet://$server/modules/site_sshd/xterm-title.sh", - owner => root, group => 0, mode => 0644; + $authorized_keys = $ssh['authorized_keys'] + + class { 'site_sshd::authorized_keys': + keys => $authorized_keys } ## @@ -18,27 +16,16 @@ class site_sshd { ## $mosh = $ssh['mosh'] - $mosh_ports = $mosh['ports'] - if $ssh['mosh']['enabled'] { - $mosh_ensure = present - } else { - $mosh_ensure = absent - } - package { 'mosh': - ensure => $mosh_ensure; - } - file { '/etc/shorewall/macro.mosh': - ensure => $mosh_ensure, - content => "PARAM - - udp $mosh_ports", - notify => Service['shorewall'], - require => Package['shorewall']; + if $mosh['enabled'] { + class { 'site_sshd::mosh': + ensure => present, + ports => $mosh['ports'] + } } - shorewall::rule { 'net2fw-mosh': - ensure => $mosh_ensure, - source => 'net', - destination => '$FW', - action => 'mosh(ACCEPT)', - order => 200; + else { + class { 'site_sshd::mosh': + ensure => absent + } } } |