If run masterless, we cannot export resources, so
we move them to an own class. Including it can be
disabled by passing "use_storedconfig" to the sshd
class.
case $::sshrsakey {
'': { info("no sshrsakey on ${::fqdn}") }
default: {
- @@sshkey{$::fqdn:
- ensure => present,
- tag => 'fqdn',
- type => ssh-rsa,
- key => $::sshrsakey,
- }
- # In case the node has uses a shared network address,
- # we don't define a sshkey resource using an IP address
- if $sshd::shared_ip == 'no' {
- @@sshkey{$sshd::sshkey_ipaddress:
- ensure => present,
- tag => 'ipaddress',
- type => ssh-rsa,
- key => $::sshrsakey,
- }
+ # only export sshkey when storedconfigs is enabled
+ if $::sshd::use_storedconfigs {
+ include ::ssh::sshkey
}
}
}
$hostkey_type = versioncmp($::ssh_version, '6.5') ? {
/(^1|0)/ => [ 'rsa', 'ed25519' ],
/-1/ => [ 'rsa', 'dsa' ]
- }
+ },
+ $use_storedconfigs = true
) {
validate_bool($manage_shorewall)
--- /dev/null
+# deploys the
+class sshd::sshkey {
+
+ @@sshkey{$::fqdn:
+ ensure => present,
+ tag => 'fqdn',
+ type => 'ssh-rsa',
+ key => $::sshrsakey,
+ }
+
+ # In case the node has uses a shared network address,
+ # we don't define a sshkey resource using an IP address
+ if $sshd::shared_ip == 'no' {
+ @@sshkey{$::sshd::sshkey_ipaddress:
+ ensure => present,
+ tag => 'ipaddress',
+ type => 'ssh-rsa',
+ key => $::sshrsakey,
+ }
+ }
+}
projects / puppet-sshd.git / commitdiff