git subrepo clone https://leap.se/git/puppet_sshd puppet/modules/sshd

subrepo:
  subdir:   "puppet/modules/sshd"
  merged:   "76f4f87"
upstream:
  origin:   "https://leap.se/git/puppet_sshd"
  branch:   "master"
  commit:   "76f4f87"
git-subrepo:
  version:  "0.3.0"
  origin:   "https://github.com/ingydotnet/git-subrepo"
  commit:   "1e79595"

Change-Id: Icf616796837cdbe40deb188d2b72f1c726c9e807

1 files changed, 40 insertions, 0 deletions

diff --git a/puppet/modules/sshd/manifests/autossh.pp b/puppet/modules/sshd/manifests/autossh.pp
new file mode 100644
index 00000000..5650584a
--- /dev/null
+++ b/puppet/modules/sshd/manifests/autossh.pp
@@ -0,0 +1,40 @@
+class sshd::autossh($host,
+                    $port = undef, # this should be a remote->local hash
+                    $remote_user = undef,
+                    $user = 'root',
+                    $pidfile = '/var/run/autossh.pid',
+) {
+  if $port {
+    $port_ensure = $port
+  }
+  else {
+    # random port between 10000 and 20000
+    $port_ensure = fqdn_rand(10000) + 10000
+  }
+  if $remote_user {
+    $remote_user_ensure = $remote_user
+  }
+  else {
+    $remote_user_ensure = "host-$fqdn"
+  }
+  file {
+    '/etc/init.d/autossh':
+      mode   => '0555',
+      source => 'puppet:///modules/sshd/autossh.init.d';
+    '/etc/default/autossh':
+      mode    => '0444',
+      content => "USER=$user\nPIDFILE=$pidfile\nDAEMON_ARGS='-M0 -f -o ServerAliveInterval=15 -o ServerAliveCountMax=4 -q -N -R $port_ensure:localhost:22 $remote_user_ensure@$host'\n";
+  }
+  package { 'autossh':
+    ensure => present,
+  }
+  service { 'autossh':
+    ensure    => running,
+    enable    => true,
+    subscribe => [
+                  File['/etc/init.d/autossh'],
+                  File['/etc/default/autossh'],
+                  Package['autossh'],
+                  ],
+  }
+}