Age | Commit message (Collapse) | Author |
|
|
|
Latest shorewall module does `shorewall check` (executed
by `Exec[shorewall_check]`) so every related resource change
must notify this Exec instead of `Service[shorewall]` as before.
|
|
- ignore puppet lint error about inheriting from different namespace
|
|
better key algorithm choices.
Change-Id: I6b9ec83dbfbf15d1b65e14145bf625db6517f6b7
|
|
- Related: #7615
|
|
- Tested: [unstable.bitmask.net]
|
|
- #7591 Net::SSH::Exception: could not settle on kex algorithm
We need to disable the ssh hardened mode, because it will not work
together with the net-ssh gem leap_cli is pinned to.
All other options that would be included by this parameter are
included by '$::sshd::tail_additional_options'.
|
|
|
|
update port parameter in site_sshd to be an array, otherwise
puppet errors about it being a Fixnum with new sshd module
Change-Id: I854d042edb98817169eef5e758d04d60d3c71dd5
|
|
a wrong hostname on single node setup (Bug #5998)"
before, the ssh module added this check, resulting in a wrong
hostname and the port was always '22'.
manage_nagios parameter is boolean, so we use false instead of 'no'
manually add check_ssh to nagios (#5998)
|
|
for configuration (#3108)
Change-Id: I4f94a47d47a40bfc6835359e7781707f96e91db0
|
|
The existing site_config::sshd had a non-functioning 'include sshd' line
in it that was not doing what was expected (this was supposed to include
the sshd module, but due to scoping was including itself).
It seemed better to eliminate some of the unused pieces and consolidate
into one config location.
Change-Id: I79dd904e696ca646180a09abbb03b5361dfc8ab9
|
|
Change-Id: I679dfe8dff90b7c86ab0ffff43e13958f1ec2c99
|
|
|
|
|
|
|
|
Conflicts:
platform.rb
|
|
|
|
|
|
The problem with puppet's built-in ssh_authorized_key is that you can
purge unmanaged keys in a authorized_keys file. see
https://leap.se/code/issues/3010 for details.
Conflicts:
puppet/modules/site_sshd/manifests/authorized_keys.pp
Change-Id: I640bf7ebc0f0f7fb19cc46feb4cb2702d6561a9b
|
|
. move the setting of the xterm title to site_config::shell
. change the xterm file resource to use standard source lines, switch to single
quotes, quote mode, and line up parameters
. move the mosh pieces into a site_ssh::mosh class and only include it if the
right mosh variable is enabled, passing into the class the necessary hiera parameters
. lint the site_ssh::mosh resources
. change the authorized_keys class to accept the key parameter which is passed
in from the main ssh class (but allow for out of scope variable lookup when the
tag is passed)
Change-Id: Ieec5a3932de9bad1b98633032b28f88e91e46604
|
|
|
|
|
|
|