puppet/modules/site_sshd/manifests/init.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

class site_sshd {
  $ssh = hiera_hash('ssh')

  ##
  ## XTERM TITLE
  ##

  file {'/etc/profile.d/xterm-title.sh':
    source => "puppet://$server/modules/site_sshd/xterm-title.sh",
    owner => root, group => 0, mode => 0644;
  }

  ##
  ## OPTIONAL MOSH SUPPORT
  ##

  $mosh = $ssh['mosh']
  $mosh_ports = $mosh['ports']
  if $ssh['mosh']['enabled'] {
    $mosh_ensure = present
  } else {
    $mosh_ensure = absent
  }

  package { 'mosh':
    ensure => $mosh_ensure;
  }
  file { '/etc/shorewall/macro.mosh':
    ensure  => $mosh_ensure,
    content => "PARAM   -       -       udp    $mosh_ports",
    notify  => Service['shorewall'],
    require => Package['shorewall'];
  }
  shorewall::rule { 'net2fw-mosh':
    ensure      => $mosh_ensure,
    source      => 'net',
    destination => '$FW',
    action      => 'mosh(ACCEPT)',
    order       => 200;
  }
}