puppet/ssh/manifests/init.pp


# Class: ssh::known_hosts
#
# Install global ssh_known_hosts file generated from LDAP directory.
#
# === Dependencies:
#
# Template file generation requires Ruby LDAP bindings[http://ruby-ldap.sourceforge.net/] on puppet server.
#
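class ssh::known_hosts {
  # Group that owns the file: "wheel" on OpenBSD, "root" elsewhere.
  # The selector key is quoted because a capitalised bareword is read as a
  # type reference, not a string, by the Puppet 4+ parser; left bare it would
  # fall through to the default branch on OpenBSD.
  # NOTE(review): $operatingsystem is a legacy fact; newer Puppet releases
  # expose the same value as $facts['os']['name'] - confirm which the
  # deployed version provides.
  $root_group = $operatingsystem ? {
    'OpenBSD' => 'wheel',
    default   => 'root',
  }

  # System-wide list of trusted host public keys, rendered from an ERB
  # template. World-readable (0644) because it contains public keys only,
  # but writable by root alone: every SSH client on the node trusts whatever
  # this file lists.
  # NOTE(review): the template is not visible here; confirm its directory
  # lookup uses an authenticated, encrypted connection, since whatever it
  # returns becomes a trusted host key on every managed node.
  file { '/etc/ssh/ssh_known_hosts':
    ensure  => present,
    content => template('ssh/ssh_known_hosts.erb'),
    # Quoted: Puppet 4+ only accepts file modes given as strings.
    mode    => '0644',
    owner   => 'root',
    group   => $root_group,
  }
}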
# Install SSH host keys.
#
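class ssh::hostkeys {
  # Group that owns every key file: "wheel" on OpenBSD, "root" elsewhere.
  # Computed once instead of repeating the selector in each resource.
  $root_group = $operatingsystem ? {
    'openbsd' => 'wheel',
    default   => 'root',
  }

  # All keys are copied from the "private" fileserver mount.
  # NOTE(review): that mount is configured outside this file; confirm it is
  # scoped per host so a node can only retrieve its own private keys.
  # NOTE(review): consider backup => false and show_diff => false on the
  # private-key resources so key material is not copied into the filebucket
  # or printed in change diffs; confirm both attributes exist on the
  # deployed Puppet version.
  # NOTE(review): ssh_host_key is the SSH protocol 1 key format and
  # ssh_host_dsa_key is DSA; current OpenSSH releases no longer support
  # protocol 1 and do not enable DSA host keys by default - confirm these
  # are still required.
  #
  # Modes are quoted because Puppet 4+ only accepts file modes as strings.
  # Private keys are 0600 (root only); public halves are 0644.

  # DSA key pair.
  file { '/etc/ssh/ssh_host_dsa_key':
    ensure => present,
    source => 'puppet:///private/ssh_host_dsa_key',
    mode   => '0600',
    owner  => 'root',
    group  => $root_group,
  }

  file { '/etc/ssh/ssh_host_dsa_key.pub':
    ensure => present,
    source => 'puppet:///private/ssh_host_dsa_key.pub',
    mode   => '0644',
    owner  => 'root',
    group  => $root_group,
  }

  # RSA key pair.
  file { '/etc/ssh/ssh_host_rsa_key':
    ensure => present,
    source => 'puppet:///private/ssh_host_rsa_key',
    mode   => '0600',
    owner  => 'root',
    group  => $root_group,
  }

  file { '/etc/ssh/ssh_host_rsa_key.pub':
    ensure => present,
    source => 'puppet:///private/ssh_host_rsa_key.pub',
    mode   => '0644',
    owner  => 'root',
    group  => $root_group,
  }

  # Protocol 1 key pair.
  file { '/etc/ssh/ssh_host_key':
    ensure => present,
    source => 'puppet:///private/ssh_host_key',
    mode   => '0600',
    owner  => 'root',
    group  => $root_group,
  }

  file { '/etc/ssh/ssh_host_key.pub':
    ensure => present,
    source => 'puppet:///private/ssh_host_key.pub',
    mode   => '0644',
    owner  => 'root',
    group  => $root_group,
  }
}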
# Disable SSH server.
#
class ssh::disable {
  # Stop the daemon now and keep it from starting at boot, so the node
  # exposes no SSH listener managed by this service.
  # NOTE(review): the service name "sshd" is hard-coded; confirm it matches
  # the init/service name on every platform this class is applied to.
  service { 'sshd':
    enable => false,
    ensure => stopped,
  }
}