rendered paste bodyclass ssh_base {
file { "/etc/ssh":
ensure => directory,
mode => 0755,
}
}
class ssh_client inherits ssh_base {
# Collect all the keys
Sshkey <<||>>
package { "openssh-client":
ensure => installed,
before => File["/etc/ssh"],
}
}
class ssh_server inherits ssh_base {
# every server is a client also
include ssh_client
package { "openssh-server":
ensure => installed,
}
service { ssh:
ensure => running,
pattern => "sshd",
require => Package["openssh-server"],
}
# Add the key, if there is one
case $sshrsakey {
"": {
err("no sshkey on $fqdn")
}
default: {
debug ( "Storing rsa key for $hostname.$domain" )
@@sshkey { "$hostname.$domain": type => ssh-rsa, key => $sshrsakey, ensure => present }
}
}
$real_ssh_port = $ssh_port ? { '' => 22, default => $ssh_port }
sshd_config{ "Port": ensure => $real_ssh_port }
}
define sshd_config($ensure) {
replace { "sshd_config_$name":
file => "/etc/ssh/sshd_config",
pattern => "^$name +(?!\\Q$ensure\\E\\D).*",
replacement => "$name $ensure # set by puppet",
notify => Service[ssh],
}
}