]> gitweb.fluxo.info Git - puppet-sshd.git/commitdiff
projects / puppet-sshd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 60eb931)
replace the sshd_additional_options variable with two, one called
authorMicah Anderson <micah@riseup.net>
Wed, 8 Jul 2009 00:52:40 +0000 (20:52 -0400)
committerMicah Anderson <micah@riseup.net>
Wed, 8 Jul 2009 00:52:40 +0000 (20:52 -0400)
sshd_head_additional_options and one called sshd_tail_additional_options.
the first puts the value at the beginning of the file, and the second at
the end.

This is necessary due to some option ordering requiring things to be
before others

manifests/init.pp patch | blob | history
templates/sshd_config/CentOS.erb patch | blob | history
templates/sshd_config/Debian_etch.erb patch | blob | history
templates/sshd_config/Debian_lenny.erb patch | blob | history
templates/sshd_config/Gentoo.erb patch | blob | history
templates/sshd_config/OpenBSD.erb patch | blob | history

diff --git a/manifests/init.pp b/manifests/init.pp
index 0480feee6b83ced757fd14ded836593ab3df10bb..b7ae2000992809b06efba60acd49b4b93235bf60 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -113,10 +113,17 @@
 #                       Might be interesting for sftponly usage
 #                       Default: empty -> no change of the default
 #
-# sshd_additional_options:  Set this to any additional sshd_options which aren't listed above.
-#                           As well this option might be usefull to define complexer Match Blocks
-#                           This string is going to be included, like it is defined. So take care!
-#                           Default: empty -> not added.
+# sshd_head_additional_options:  Set this to any additional sshd_options which aren't listed above.
+#                                Anything set here will be added to the beginning of the sshd_config file.
+#                                This option might be useful to define complicated Match Blocks
+#                                This string is going to be included, like it is defined. So take care!
+#                                Default: empty -> not added.
+#
+# sshd_tail_additional_options:  Set this to any additional sshd_options which aren't listed above.
+#                                Anything set here will be added to the end of the sshd_config file.
+#                                This option might be useful to define complicated Match Blocks
+#                                This string is going to be included, like it is defined. So take care!
+#                                Default: empty -> not added.
 
 class sshd {
   include sshd::client 
@@ -195,8 +202,12 @@ class sshd::base {
   case $sshd_sftp_subsystem {
     '': { $sshd_sftp_subsystem = '' }
   }
-  case $sshd_additional_options {
-    '': { $sshd_additional_options = '' }
+  case $sshd_head_additional_options {
+    '': { $sshd_head_additional_options = '' }
+  }
+  case $sshd_tail_additional_options {
+    '': { $sshd_tail_additional_options = '' }
+  }
   }
   
   file { 'sshd_config':
diff --git a/templates/sshd_config/CentOS.erb b/templates/sshd_config/CentOS.erb
index 27880cb3b42a2038a9e1bc131bc221be38ae031a..a3a9a5290eed582b56ebbd0ac3dc662c2011a4c9 100644 (file)
--- a/templates/sshd_config/CentOS.erb
+++ b/templates/sshd_config/CentOS.erb
@@ -10,10 +10,8 @@
 # possible, but leave them commented.  Uncommented options change a
 # default value.
 
-<%- unless sshd_port.to_s.empty? then %>
-Port <%= sshd_port %>
-<%- else %>
-Port 22
+<%- unless sshd_head_additional_options.to_s.empty? then %>
+<%= sshd_head_additional_options %>
 <%- end %>
 
 # Use these options to restrict which interfaces/protocols sshd will bind to
@@ -200,7 +198,7 @@ AllowGroups <%= sshd_allowed_groups %>
 <%- end %>
 
 
-<%- unless sshd_additional_options.to_s.empty? then %>
-<%= sshd_additional_options %>
+<%- unless sshd_tail_additional_options.to_s.empty? then %>
+<%= sshd_tail_additional_options %>
 <%- end %>
 
diff --git a/templates/sshd_config/Debian_etch.erb b/templates/sshd_config/Debian_etch.erb
index f030a62912b4dde98b4b4b9a80e719abdf81eaeb..25241725ed1da7969c8788a5f8cb4aed0e09b0ce 100644 (file)
--- a/templates/sshd_config/Debian_etch.erb
+++ b/templates/sshd_config/Debian_etch.erb
@@ -1,6 +1,10 @@
 # Package generated configuration file
 # See the sshd(8) manpage for details
 
+<%- unless sshd_head_additional_options.to_s.empty? then %>
+<%= sshd_head_additional_options %>
+<%- end %>
+
 # What ports, IPs and protocols we listen for
 <%- unless sshd_port.to_s.empty? then -%>
 Port <%= sshd_port -%>
@@ -170,7 +174,7 @@ AllowGroups <%= sshd_allowed_groups %>
 
 PrintMotd no
 
-<%- unless sshd_additional_options.to_s.empty? then %>
-<%= sshd_additional_options %>
+<%- unless sshd_tail_additional_options.to_s.empty? then %>
+<%= sshd_tail_additional_options %>
 <%- end %>
 
diff --git a/templates/sshd_config/Debian_lenny.erb b/templates/sshd_config/Debian_lenny.erb
index 1762da3071cc74cec81833d7f20e7db3009a7415..c7f4ab4e9612e1fe21bee381f564f9e835c16b18 100644 (file)
--- a/templates/sshd_config/Debian_lenny.erb
+++ b/templates/sshd_config/Debian_lenny.erb
@@ -1,6 +1,10 @@
 # Package generated configuration file
 # See the sshd(8) manpage for details
 
+<%- unless sshd_head_additional_options.to_s.empty? then %>
+<%= sshd_head_additional_options %>
+<%- end %>
+
 # What ports, IPs and protocols we listen for
 <%- unless sshd_port.to_s.empty? then -%>
 Port <%= sshd_port -%>
@@ -176,7 +180,7 @@ AllowGroups <%= sshd_allowed_groups %>
 
 PrintMotd no
 
-<%- unless sshd_additional_options.to_s.empty? then %>
-<%= sshd_additional_options %>
+<%- unless sshd_tail_additional_options.to_s.empty? then %>
+<%= sshd_tail_additional_options %>
 <%- end %>
 
diff --git a/templates/sshd_config/Gentoo.erb b/templates/sshd_config/Gentoo.erb
index 77ed37884a29bc966f7e64a7ea11ba738e017137..ad1503123d52532e072e0ce5d39e8122e7733e10 100644 (file)
--- a/templates/sshd_config/Gentoo.erb
+++ b/templates/sshd_config/Gentoo.erb
@@ -10,10 +10,8 @@
 # possible, but leave them commented.  Uncommented options change a
 # default value.
 
-<%- unless sshd_port.to_s.empty? then %>
-Port <%= sshd_port %>
-<%- else %>
-Port 22
+<%- unless sshd_head_additional_options.to_s.empty? then %>
+<%= sshd_head_additional_options %>
 <%- end %>
 
 # Use these options to restrict which interfaces/protocols sshd will bind to
@@ -203,8 +201,8 @@ AllowGroups <%= sshd_allowed_groups %>
 <%- end %>
 
 
-<%- unless sshd_additional_options.to_s.empty? then %>
-<%= sshd_additional_options %>
+<%- unless sshd_tail_additional_options.to_s.empty? then %>
+<%= sshd_tail_additional_options %>
 <%- end %>
 
 
diff --git a/templates/sshd_config/OpenBSD.erb b/templates/sshd_config/OpenBSD.erb
index a6e0763ee910924300b30b4d45f5489aad2ff323..045d9ba59e01ff0fc2e98df0f07d2831e191760a 100644 (file)
--- a/templates/sshd_config/OpenBSD.erb
+++ b/templates/sshd_config/OpenBSD.erb
@@ -8,10 +8,8 @@
 # possible, but leave them commented.  Uncommented options change a
 # default value.
 
-<%- unless sshd_port.to_s.empty? then %>
-Port <%= sshd_port %>
-<%- else %>
-Port 22
+<%- unless sshd_head_additional_options.to_s.empty? then %>
+<%= sshd_head_additional_options %>
 <%- end %>
 
 # Use these options to restrict which interfaces/protocols sshd will bind to
@@ -178,6 +176,6 @@ AllowGroups <%= sshd_allowed_groups %>
 #      AllowTcpForwarding no
 #      ForceCommand cvs server
 
-<%- unless sshd_additional_options.to_s.empty? then %>
-<%= sshd_additional_options %>
+<%- unless sshd_tail_additional_options.to_s.empty? then %>
+<%= sshd_tail_additional_options %>
 <%- end %>
Puppet module for sshd