default: { include ntpdate }
}
- # SSH Server
- #
- # We need to restrict listen address so multiple instances
- # can live together in the same physical host.
- #
- case $sshd_listen_address {
- '': { $sshd_listen_address = [ "$ipaddress", '127.0.0.1' ] }
- }
-
- class { 'sshd':
- listen_address => $sshd_listen_address,
- password_authentication => $sshd_password_authentication,
- shared_ip => $sshd_shared_ip,
- tcp_forwarding => $sshd_tcp_forwarding,
- hardened_ssl => $sshd_hardened_ssl,
- print_motd => $sshd_print_motd,
- ports => $sshd_ports,
- use_pam => $sshd_use_pam,
- }
-
backupninja::sys { "sys":
ensure => present,
}
# Apt configuration
if $use_apt != false {
- # TODO: remove this in the future after all old nodes
- # have applied the catalog.
- file { '/etc/apt/sources.list.d/debian-backports.list':
- ensure => absent,
- }
-
class { 'apt':
include_src => hiera('nodo::apt_include_src', false),
use_next_release => hiera('nodo::apt_use_next_release', false),
$sshd_hardened_ssl = "yes"
$sshd_print_motd = "yes"
+ # SSH Server
+ #
+ # We need to restrict listen address so multiple instances
+ # can live together in the same physical host.
+ #
+ case $sshd_listen_address {
+ '': { $sshd_listen_address = [ "$ipaddress", '127.0.0.1' ] }
+ }
+
+ class { 'sshd':
+ listen_address => $sshd_listen_address,
+ password_authentication => $sshd_password_authentication,
+ shared_ip => $sshd_shared_ip,
+ tcp_forwarding => $sshd_tcp_forwarding,
+ hardened_ssl => $sshd_hardened_ssl,
+ print_motd => $sshd_print_motd,
+ ports => $sshd_ports,
+ use_pam => $sshd_use_pam,
+ }
+
file { "/etc/hostname":
owner => "root",
group => "root",
}
file { "/etc/rc.local":
- source => "puppet://$server/modules/nodo/etc/rc.local",
+ source => "puppet:///modules/nodo/etc/rc.local",
owner => "root",
group => "root",
mode => 0755,
include resolver
include monkeysphere_nodo
- class { 'sshd':
- listen_address => $sshd_listen_address,
- password_authentication => $sshd_password_authentication,
- shared_ip => $sshd_shared_ip,
- tcp_forwarding => $sshd_tcp_forwarding,
- hardened_ssl => $sshd_hardened_ssl,
- print_motd => $sshd_print_motd,
- ports => $sshd_ports,
- use_pam => $sshd_use_pam,
- }
-
backupninja::sys { "sys":
ensure => present,
}
class { 'syslog-ng::vserver': }
- class { 'sshd':
- listen_address => $sshd_listen_address,
- password_authentication => $sshd_password_authentication,
- shared_ip => $sshd_shared_ip,
- tcp_forwarding => $sshd_tcp_forwarding,
- hardened_ssl => $sshd_hardened_ssl,
- print_motd => $sshd_print_motd,
- ports => $sshd_ports,
- use_pam => $sshd_use_pam,
- }
-
backupninja::sys { "sys":
ensure => present,
partitions => false,
projects / puppet-nodo.git / commitdiff