diff options
| author | mh <mh@immerda.ch> | 2016-03-28 11:59:48 +0200 |
|---|---|---|
| committer | kwadronaut <kwadronaut@leap.se> | 2018-09-27 00:47:00 +0200 |
| commit | 12bae22866ab2845fa5009ba1a1513ef081cba96 (patch) | |
| tree | 698eacbab484f383fc00811d4587d9042dd32a79 | |
| parent | 0292498c712f50900ceea2ac6cf3c0b4af1d0e94 (diff) | |
| -rw-r--r-- | manifests/init.pp | 31 |
1 files changed, 17 insertions, 14 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index b415741..cd74be4 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -28,18 +28,21 @@ class sshd( $hostbased_authentication = 'no', $permit_empty_passwords = 'no', $authorized_keys_file = $::osfamily ? { - Debian => $::lsbmajdistrelease ? { - 6 => '%h/.ssh/authorized_keys', + 'Debian' => $::operatingsystemmajrelease ? { + '6' => '%h/.ssh/authorized_keys', default => '%h/.ssh/authorized_keys %h/.ssh/authorized_keys2', }, - RedHat => $::operatingsystemmajrelease ? { - 5 => '%h/.ssh/authorized_keys', - 6 => '%h/.ssh/authorized_keys', + 'RedHat' => $::operatingsystemmajrelease ? { + '5' => '%h/.ssh/authorized_keys', + '6' => '%h/.ssh/authorized_keys', default => '%h/.ssh/authorized_keys %h/.ssh/authorized_keys2', }, - OpenBSD => '%h/.ssh/authorized_keys', - default => '%h/.ssh/authorized_keys %h/.ssh/authorized_keys2', + 'OpenBSD' => '%h/.ssh/authorized_keys', + default => '%h/.ssh/authorized_keys %h/.ssh/authorized_keys2', }, + $hardened_client = 'no', + $harden_moduli = 'no', + $use_host_ecdsa_key = 'no', $hardened = 'no', $sftp_subsystem = '', $head_additional_options = '', @@ -62,7 +65,7 @@ class sshd( validate_array($ports) if $manage_client { - class{'sshd::client': + class{'::sshd::client': shared_ip => $shared_ip, ensure_version => $ensure_version, manage_shorewall => $manage_shorewall, @@ -70,11 +73,11 @@ class sshd( } case $::operatingsystem { - gentoo: { include sshd::gentoo } - redhat,centos: { include sshd::redhat } - openbsd: { include sshd::openbsd } - debian,ubuntu: { include sshd::debian } - default: { include sshd::base } + 'Gentoo': { include ::sshd::gentoo } + 'RedHat','CentOS': { include ::sshd::redhat } + 'OpenBSD': { include ::sshd::openbsd } + 'Debian','Ubuntu': { include ::sshd::debian } + default: { include ::sshd::base } } if $manage_nagios { @@ -84,7 +87,7 @@ class sshd( } if $manage_shorewall { - class{'shorewall::rules::ssh': + class{'::shorewall::rules::ssh': ports => $ports, source => $shorewall_source } |