diff options
Diffstat (limited to 'manifests/init.pp')
-rw-r--r-- | manifests/init.pp | 30 |
1 files changed, 24 insertions, 6 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index 90b7c64..76ee107 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -142,8 +142,11 @@ # Valid Values: yes or no # Default: no # -# sshd_port: If you want to specify a different port than the default 22 -# Default: 22 +# sshd_port: Deprecated, use sshd_ports instead. +# +# sshd_ports: If you want to specify a list of ports other than the default 22 +# Default: [22] +# # # sshd_authorized_keys_file: Set this to the location of the AuthorizedKeysFile (e.g. /etc/ssh/authorized_keys/%u) # Default: AuthorizedKeysFile %h/.ssh/authorized_keys @@ -232,8 +235,13 @@ class sshd { case $sshd_permit_empty_passwords { '': { $sshd_permit_empty_passwords = 'no' } } - case $sshd_port { - '': { $sshd_port = 22 } + if ( $sshd_port != '' ) and ( $sshd_ports != []) { + err("Cannot use sshd_port and sshd_ports at the same time.") + } + if $sshd_port != '' { + $sshd_ports = [ $sshd_port ] + } elsif ! $sshd_ports { + $sshd_ports = [ 22 ] } case $sshd_authorized_keys_file { '': { $sshd_authorized_keys_file = "%h/.ssh/authorized_keys" } @@ -265,11 +273,21 @@ class sshd { if $use_nagios { case $nagios_check_ssh { false: { info("We don't do nagioschecks for ssh on ${fqdn}" ) } - default: { nagios::service{ "ssh_port_${sshd_port}": check_command => "check_ssh_port!$sshd_port" } } + default: { + sshd::nagios{$sshd_ports: + check_hostname => $nagios_check_ssh_hostname ? { + '' => 'absent', + undef => 'absent', + default => $nagios_check_ssh_hostname + } + } + } } } if $use_shorewall{ - include shorewall::rules::ssh + class{'shorewall::rules::ssh': + ports => $sshd_ports, + } } } |