opuppet/module-sshd
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
180 commits 2 branches 0 tags 297 KiB
Commit graph

180 commits

This branch
This branch
All branches
Author SHA1 Message Date
intrigeri
6baed9bd81 Merge remote branch 'lelutin/debian_template' 2011-02-21 18:20:46 +01:00
Micah Anderson
e0d3cdbd36 Update README to include the ssh_keygen function 2011-02-19 14:18:02 -05:00
Micah Anderson
86f31fcff9 Pull together a more comprehensive README, moving the configurable variables from init.pp into the README, and detailing the other features, and requirements, of the module 2011-02-19 14:12:04 -05:00
intrigeri
2f7903bcc4 Merge remote branch 'shared/master' 
Conflicts:
	templates/sshd_config/Debian_squeeze.erb

I always picked the shared repository version when conflicts arose.
The only exception to this rule was:
I kept my branch's "HostbasedUsesNameFromPacketOnly yes" in order
to be consistent with existing Etch and Lenny templates.
This is not the default Debian setting, but I would find it weird if a host
had this setting changed by Puppet after upgrading to Squeeze.
The right way to proceed would probably be to make this configurable.
 2011-02-14 17:17:31 +01:00
intrigeri
7c046e3fdf Merge remote branch 'immerda/master' 2011-02-14 17:01:04 +01:00
Gabriel Filion
abb8566742 Add sshd_config template for Debian sid 
Debian's unstable branch currently has no template for sshd_config, and
thus cannot use the sshd class.

Add a template for Debian sid.

Signed-off-by: Gabriel Filion <lelutin@gmail.com>
 2011-01-30 21:28:36 -05:00
Gabriel Filion
3662c5a2a5 Finish fixing ChallengeResponseAuthentication 
This value was hardcoded in both the Debian lenny and etch templates.
The lenny template was fixed with commit 167cf53271 but the etch
template was left out.

Fix the etch template so that the ChallengeResponseAuthentication
instruction is not overridden.

Signed-off-by: Gabriel Filion <lelutin@gmail.com>
 2011-01-30 21:24:00 -05:00
Micah Anderson
2188f46db7 fix debian squeeze sshd_config template to add a missing newline 2010-12-20 14:18:30 -05:00
mh
fa3d9e1654 do some trickery as arguments from puppet are passed as an array 2010-12-16 17:33:04 +01:00
mh
584cee7236 made error mesage a bit more verbose 2010-12-16 17:15:36 +01:00
mh
93fabb2021 remove stupid swap 2010-12-16 17:12:56 +01:00
mh
5c72941082 Add a function to create ssh keys on the fly 
This allows you to use content of ssh keys within your manifests
and generate them automatically if they don't exist yet.
 2010-12-16 16:22:24 +01:00
Micah Anderson
0ec0562257 remote KerberosGetAFSToken, its actually not a functional configuration option, even though it is listed in the man page, and commented out in the default config file. I filed a bug with debian (#607238) 2010-12-15 20:38:07 -05:00
Micah Anderson
167cf53271 "ChallengeResponseAuthentication no" was being hardcoded later in the Debian Lenny sshd_config template, even though we offer it as a variable. With this commit, the variable will actually work, rather than be overriden 2010-12-14 13:41:05 -05:00
Micah Anderson
72e24df3b6 add Debian Squeeze sshd template. Enabled kerberos and gssapi options, using the defaults when not specified 2010-12-14 13:22:43 -05:00
intrigeri
51156042b1 Mention dependency on lsb module. 2010-12-11 11:34:11 +01:00
mh
7e6d3af6f8 lenny already has AcceptEnv by default 2010-10-21 15:31:31 +02:00
mh
3200c182e1 use realport 2010-10-21 02:49:11 +02:00
mh
8f918b0e73 use parametrized class to pass ssh_ports to open up things 2010-10-20 23:46:14 +02:00
mh
28342ba418 introduce that port also can't be the name, fix ensure problem 2010-10-20 23:12:43 +02:00
mh
eec9e72425 extend sshd::nagios with ensure param 2010-10-20 22:57:15 +02:00
mh
d0d3d20e14 add nagios_check_ssh_hostname to tweak the hostname which whould be monitored, as this one might actually differ 2010-10-20 21:17:16 +02:00
mh
988a88f4e6 move define to own class 2010-10-20 20:56:15 +02:00
intrigeri
ceb1280177 Bugfix 2010-10-18 19:13:59 +02:00
intrigeri
0d41016e4f Merge remote branch 'nadir/master' 
Conflicts:
	manifests/init.pp
 2010-10-17 02:34:50 +02:00
intrigeri
8cb562f87c Syntax fix. 2010-10-16 22:32:25 +02:00
intrigeri
5fb8eb969b bugfix 2010-10-16 21:55:44 +02:00
intrigeri
ef093cafff bugfix 2010-10-16 21:54:24 +02:00
intrigeri
a643172a79 New option sshd_ports that obsoletes sshd_port. 
Backward compatibility is preserved.
 2010-10-16 16:05:00 +02:00
intrigeri
23efb583bf Cleanup templates: sshd_port is guaranteed by init.pp not to be empty. 2010-10-16 16:01:24 +02:00
intrigeri
060703f6a2 sshd service has status and restart commands in post-etch Debian releases. 2010-10-13 23:48:39 +02:00
nadir
35bc5ea4db nagios-cmd is now check_ssh_port - according to shared-nagios 2010-10-05 19:07:24 +02:00
intrigeri
456e42b035 Simplify by using the config_file definition. 2010-10-04 22:03:49 +02:00
intrigeri
b9a8b7b3df Add template for Debian Squeeze. 2010-10-03 19:56:48 +02:00
intrigeri
0615dc635c Actually allow enabling ChallengeResponseAuthentication on Debian Lenny. 2010-10-03 19:56:04 +02:00
Micah Anderson
6b660a56a7 update nagios check_command to check ssh port. it was using ssh_port, it should be 'check_ssh_port' 2010-02-21 14:01:35 -05:00
Micah Anderson
739c9d8e0e Merge remote branch 'lavamind/master' 2009-12-27 16:27:20 -05:00
Micah Anderson
ea1a34bd79 update comments to include information about how to use the nagios 
checks and the pre-requirements
 2009-12-21 15:00:10 -05:00
Micah Anderson
6b602886ef fix the comments section so that the include isn't misleading. if you 
use 'include sshd::debian', then none of the variables are set, and you
will fail to parse the templates
 2009-12-19 03:30:16 -05:00
Jerome Charaoui
3c21e594e6 remove fqdn from nagios service description (hostname is used in the internal nagios_service name) 2009-12-18 14:38:01 -05:00
mh
edcd0859b1 make key removal a bit easier 2009-12-18 19:06:43 +01:00
mh
0f281c8d4d enable that ssh auth-keys can be removed 2009-12-18 18:36:05 +01:00
mh
1d595dd34c false != 'false' 2009-12-11 09:45:35 +01:00
mh
caccb4deb5 set protocol 2 for centos, required. 2009-12-11 09:35:34 +01:00
mh
dac25a5c68 require class instead of requiring packages 2009-12-10 23:49:32 +01:00
mh
5bdeab5848 re-add shorewall in rule :/ 2009-12-10 23:45:12 +01:00
mh
217a4e2566 undef or '' as default 2009-12-10 23:34:57 +01:00
mh
bdf7bd334e merged with riseup module, various cleaning up 2009-12-10 23:15:07 +01:00
mh
81063ee57b move plugin directory to fit new 0.25 style 2009-12-07 16:04:29 -05:00
mh
384b1466ea switch to new lsb way 2009-12-07 16:04:26 -05:00