diff options
author | Hugo Hörnquist <hugo@lysator.liu.se> | 2021-12-29 20:32:35 +0100 |
---|---|---|
committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2021-12-29 20:38:02 +0100 |
commit | 707c7e2448a5ad747101f2c032e7b50aa0d8f4af (patch) | |
tree | efe17adccddc83113cef5ed71c5989ef0f087887 | |
parent | Repair gitmodules file. (diff) | |
download | webdav_server-707c7e2448a5ad747101f2c032e7b50aa0d8f4af.tar.gz webdav_server-707c7e2448a5ad747101f2c032e7b50aa0d8f4af.tar.xz |
Setup ssh for busting.
Diffstat (limited to '')
-rw-r--r-- | manifests/site.pp | 6 | ||||
-rw-r--r-- | modules/ssh/manifests/init.pp | 30 |
2 files changed, 35 insertions, 1 deletions
diff --git a/manifests/site.pp b/manifests/site.pp index 8ba8b9a..1a068f5 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -6,6 +6,10 @@ node 'busting.adrift.space' { path => '/etc/hosts', } + class { 'ssh': + permit_root_login => true, + } + ensure_packages(['ruby']) class { 'puppet': @@ -63,11 +67,11 @@ node 'busting.adrift.space' { python_loglevel => 'debug', } - class { 'puppetboard::apache::vhost': vhost_name => $::fqdn, port => 80, } +} node 'gandalf.adrift.space' { profiles::remarkable { 'any name': diff --git a/modules/ssh/manifests/init.pp b/modules/ssh/manifests/init.pp new file mode 100644 index 0000000..8db8eef --- /dev/null +++ b/modules/ssh/manifests/init.pp @@ -0,0 +1,30 @@ +class ssh ( + Variant[Enum['prohibit-password'], Boolean] $permit_root_login = false, +) { + + $pkgs = $facts['os']['family'] ? { + 'Debian' => ['openssh-server'], + 'Archlinux' => ['openssh'], + } + + ensure_packages($pkgs) + + $root_login = $permit_root_login ? { + 'prohibit-password' => 'prohibit-password', + true => 'yes', + false => 'no', + } + + file_line { 'sshd permit_root_login': + ensure => present, + path => '/etc/ssh/sshd_config', + line => "PermitRootLogin ${root_login}", + match => '^#? *PermitRootLogin ', + } + + + # file { '/etc/ssh/sshd_config': + # ensure => file, + # content => epp('ssh/sshd_config.epp'), + # } +} |