From fe92ce01fabe2d1b6a966d119e24c07cd164b776 Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Mon, 9 Nov 2015 10:22:58 +0100
Subject: [feat] Optinally disable exported resources

If run masterless, we cannot export resources, so
we move them to an own class. Including it can be
disabled by passing "use_storedconfig" to the sshd
class.
---
 manifests/base.pp   | 18 +++---------------
 manifests/init.pp   |  3 ++-
 manifests/sshkey.pp | 21 +++++++++++++++++++++
 3 files changed, 26 insertions(+), 16 deletions(-)
 create mode 100644 manifests/sshkey.pp

diff --git a/manifests/base.pp b/manifests/base.pp
index 6dddedf..abd4fb8 100644
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -25,21 +25,9 @@ class sshd::base {
   case $::sshrsakey {
     '': { info("no sshrsakey on ${::fqdn}") }
     default: {
-      @@sshkey{$::fqdn:
-        ensure => present,
-        tag    => 'fqdn',
-        type   => ssh-rsa,
-        key    => $::sshrsakey,
-      }
-      # In case the node has uses a shared network address,
-      # we don't define a sshkey resource using an IP address
-      if $sshd::shared_ip == 'no' {
-        @@sshkey{$sshd::sshkey_ipaddress:
-          ensure => present,
-          tag    => 'ipaddress',
-          type   => ssh-rsa,
-          key    => $::sshrsakey,
-        }
+      # only export sshkey when storedconfigs is enabled
+      if $::sshd::use_storedconfigs {
+        include ::ssh::sshkey
       }
     }
   }
diff --git a/manifests/init.pp b/manifests/init.pp
index 2dfc71c..b415741 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -52,7 +52,8 @@ class sshd(
   $hostkey_type = versioncmp($::ssh_version, '6.5') ? {
     /(^1|0)/ => [ 'rsa', 'ed25519' ],
     /-1/    => [ 'rsa', 'dsa' ]
-  }
+  },
+  $use_storedconfigs = true
 ) {
 
   validate_bool($manage_shorewall)
diff --git a/manifests/sshkey.pp b/manifests/sshkey.pp
new file mode 100644
index 0000000..df37a66
--- /dev/null
+++ b/manifests/sshkey.pp
@@ -0,0 +1,21 @@
+# deploys the
+class sshd::sshkey {
+
+  @@sshkey{$::fqdn:
+    ensure => present,
+    tag    => 'fqdn',
+    type   => 'ssh-rsa',
+    key    => $::sshrsakey,
+  }
+
+  # In case the node has uses a shared network address,
+  # we don't define a sshkey resource using an IP address
+  if $sshd::shared_ip == 'no' {
+    @@sshkey{$::sshd::sshkey_ipaddress:
+      ensure => present,
+      tag    => 'ipaddress',
+      type   => 'ssh-rsa',
+      key    => $::sshrsakey,
+    }
+  }
+}
-- 
cgit v1.2.3