From 382d1cb4aea6e4a2e6fb101346e46bb8a01dbc10 Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@leap.se>
Date: Tue, 27 May 2014 19:45:00 -0400
Subject: Add missing scope to top-level sshd class, passing necessary
 parameters for configuration (#3108)

Change-Id: I4f94a47d47a40bfc6835359e7781707f96e91db0
---
 puppet/modules/site_sshd/manifests/init.pp | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

(limited to 'puppet/modules/site_sshd/manifests')

diff --git a/puppet/modules/site_sshd/manifests/init.pp b/puppet/modules/site_sshd/manifests/init.pp
index e81780ef..400c21ea 100644
--- a/puppet/modules/site_sshd/manifests/init.pp
+++ b/puppet/modules/site_sshd/manifests/init.pp
@@ -1,5 +1,5 @@
 class site_sshd {
-  $ssh = hiera_hash('ssh')
+  $ssh   = hiera_hash('ssh')
   $hosts = hiera('hosts', '')
 
   ##
@@ -24,9 +24,9 @@ class site_sshd {
       content => template('site_sshd/ssh_known_hosts.erb');
 
     '/etc/ssh/ssh_config':
-      owner => root,
-      group => root,
-      mode => '0644',
+      owner   => root,
+      group   => root,
+      mode    => '0644',
       content => template('site_sshd/ssh_config.erb');
   }
 
@@ -47,4 +47,16 @@ class site_sshd {
       ensure => absent
     }
   }
+
+  ##
+  ## SSHD SERVER CONFIGURATION
+  ##
+  class { '::sshd':
+    manage_nagios => 'no',
+    ports         => $ssh['port'],
+    use_pam       => 'yes',
+    hardened_ssl  => 'yes',
+    print_motd    => 'no',
+    manage_client => false
+  }
 }
-- 
cgit v1.2.3