Mercurial > repos > other > Puppet
view modules/ssh/manifests/init.pp @ 72:33682e5b34fc puppet-3.6
Merge latest changes from Default
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Sun, 25 Oct 2015 20:17:52 +0000 |
parents | cd79745f0236 |
children | c3fa3d65aa83 |
line wrap: on
line source
# This is an example proposed Puppet Common Module for SSH # # Usage Requirements: # 1) Set $server in site.pp # Allows for a different fileserver than the real puppetmaster # 2) Set $os to $operatingsystem # Saves typing, purely cosmetic # 3) Set $osver to $operatingsystemrelease or $lsbdistrelease # $operatingsystemrelease is not available on all platforms # #Taken from the the Puppet Wiki - http://projects.puppetlabs.com/projects/1/wiki/puppet_common_modules_ssh class ssh { # Distribution independent packages # See also our Operating System specific sub-classes @package { [ "openssh-clients", "openssh-server", # "denyhosts" ]: ensure => installed } # Virtual Resources get defined before we include $operatingsystem specific # classes, so that there is at least something to add and/or override. # # Additionally, this way we can realize() in sub-classes as much as we want # to, and not concern ourselves with duplicate type definitions # # @file { "/etc/denyhosts.conf": # notify => Service["denyhosts"], # require => Package["denyhosts"], # source => [ # "puppet://$server/private/$domain/denyhosts/denyhosts.conf", # "puppet://$server/files/denyhosts/denyhosts.conf", # "puppet://$server/denyhosts/denyhosts.conf" # ] # } @file { "/etc/ssh/ssh_config": owner => "root", mode => 644, require => Package["openssh-clients"], source => [ # # See rationale for an explanation on this list of sources # http://reductivelabs.com/trac/puppet/wiki/PuppetCommonModules/SSH # "puppet://$server/private/$domain/ssh/$operatingsystem/$osver/ssh_config.$hostname", "puppet://$server/private/$domain/ssh/$operatingsystem/$osver/ssh_config", "puppet://$server/private/$domain/ssh/$operatingsystem/ssh_config.$hostname", "puppet://$server/private/$domain/ssh/$operatingsystem/ssh_config", "puppet://$server/private/$domain/ssh/ssh_config.$hostname", "puppet://$server/private/$domain/ssh/ssh_config", "puppet://$server/files/ssh/$operatingsystem/$osver/ssh_config.$hostname", "puppet://$server/files/ssh/$operatingsystem/$osver/ssh_config", "puppet://$server/files/ssh/$operatingsystem/ssh_config.$hostname", "puppet://$server/files/ssh/$operatingsystem/ssh_config", "puppet://$server/files/ssh/ssh_config.$hostname", "puppet://$server/files/ssh/ssh_config", "puppet://$server/ssh/$operatingsystem/$osver/ssh_config", "puppet://$server/ssh/$operatingsystem/ssh_config", "puppet://$server/ssh/ssh_config" ], sourceselect => first } @file { "/etc/ssh/sshd_config": owner => "root", mode => 644, notify => Service["openssh-server"], require => Package["openssh-server"], source => [ # # See rationale for an explanation on this list of sources # http://reductivelabs.com/trac/puppet/wiki/PuppetCommonModules/SSH # "puppet://$server/private/$domain/ssh/$operatingsystem/$osver/sshd_config.$hostname", "puppet://$server/private/$domain/ssh/$operatingsystem/$osver/sshd_config", "puppet://$server/private/$domain/ssh/$operatingsystem/sshd_config.$hostname", "puppet://$server/private/$domain/ssh/$operatingsystem/sshd_config", "puppet://$server/private/$domain/ssh/sshd_config.$hostname", "puppet://$server/private/$domain/ssh/sshd_config", "puppet://$server/files/ssh/$operatingsystem/$osver/sshd_config.$hostname", "puppet://$server/files/ssh/$operatingsystem/$osver/sshd_config", "puppet://$server/files/ssh/$operatingsystem/sshd_config.$hostname", "puppet://$server/files/ssh/$operatingsystem/sshd_config", "puppet://$server/files/ssh/sshd_config.$hostname", "puppet://$server/files/ssh/sshd_config", "puppet://$server/ssh/$operatingsystem/$osver/sshd_config", "puppet://$server/ssh/$operatingsystem/sshd_config", "puppet://$server/ssh/sshd_config" ], sourceselect => first } @service { "openssh-server": enable => true, ensure => running, require => [ File["/etc/ssh/sshd_config"], Package["openssh-server"] ] } # Include operatingsystem specific subclass case $::osfamily { Redhat: { include ssh::centos } default:{fail("Invalid OS type for SSH - $osfamily")} } } class ssh::client inherits ssh { realize(Package["openssh-clients"]) } class ssh::server inherits ssh { realize(File["/etc/ssh/sshd_config"]) realize(Package["openssh-server"]) realize(Service["openssh-server"]) } class ssh::centos inherits ssh { File["/etc/ssh/ssh_config"] { group => "root" } Service["openssh-server"] { name => "sshd", hasrestart => true, hasstatus => true, # restart => "/etc/init.d/sshd restart", # status => "/etc/init.d/sshd status" } }