Introducing sshd_internal_ip variable

diff --git a/manifests/base.pp b/manifests/base.pp
index 2ac238505318d28bdc3cdeca7847b87ee8d55b75..76203ee008df195c80ac12a200d0fec420966ef7 100644 (file)
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -14,14 +14,20 @@ class sshd::base {
     '': { info("no sshrsakey on $fqdn") }
     default: {
       @@sshkey{"$hostname.$domain":
-        type => ssh-rsa,
-        key => $sshrsakey_key,
+        tag    => "fqdn",
+        type   => ssh-rsa,
+        key    => $sshrsakey_key,
         ensure => present,
       }
-      @@sshkey{"$ipaddress":
-        type => ssh-rsa,
-        key => $sshrsakey,
-        ensure => present,
+      # In case the node has an internal network address,
+      # we don't define a sshkey resource using an IP address
+      if $sshd_internal_ip == "no" {
+        @@sshkey{"$ipaddress":
+          tag    => "ipaddress",
+          type   => ssh-rsa,
+          key    => $sshrsakey,
+          ensure => present,
+        }
       }
     }
   }

diff --git a/manifests/client/base.pp b/manifests/client/base.pp
index 33d9f9e17e7d97fba92ee795fb583c1289c39925..b1dc99def9ed82f676426b84d970499958d1ec39 100644 (file)
--- a/manifests/client/base.pp
+++ b/manifests/client/base.pp
@@ -5,5 +5,8 @@ class sshd::client::base {
   }
 
   # Now collect all server keys
-  Sshkey <<||>>
+  case $sshd_internal_ip {
+    no:  { Sshkey <<||>> }
+    yes: { Sshkey <<| tag == "fqdn" |>> }
+  }
 }

diff --git a/manifests/init.pp b/manifests/init.pp
index ba48b8cf5dbeb563d3eb3d45dd1a1801ab7d3ac1..4bfeb3bf1381b442fa3c4d19e2c1eb364ad6ca8f 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -214,6 +214,9 @@ class sshd {
   case $sshd_print_motd {
     '': { $sshd_print_motd = "yes" }
   }
+  case $sshd_internal_ip {
+    '': { $sshd_internal_ip = "no" }
+  }
 
   include sshd::client