Skip to content
Snippets Groups Projects
Commit 9c3ba632 authored by Filip Polbratt's avatar Filip Polbratt
Browse files

Move to using hiera

parent e6f7e5d3
No related branches found
No related tags found
No related merge requests found
Pipeline #544 canceled
Stage: syntax
Stage: unit
Show whitespace changes
Inline Side-by-side
data/Debian.yaml 0 → 100644
+ 1
0
View file @ 9c3ba632
lysnetwork::ssh::client_package: openssh-client
data/RedHat.yaml 0 → 100644
+ 1
0
View file @ 9c3ba632
lysnetwork::ssh::service_name: sshd
data/SUSE.yaml 0 → 100644
+ 2
0
View file @ 9c3ba632
lysnetwork::ssh::server_package: openssh
lysnetwork::ssh::service_name: sshd
data/common.yaml
+ 4
1
View file @ 9c3ba632
--- {} ---
lysnetwork::ssh::server_package: openssh-server
lysnetwork::ssh::client_package: openssh
lysnetwork::ssh::service_name: ssh
manifests/ssh.pp
+ 7
58
View file @ 9c3ba632
#This class manages ssh-clients and ensures that fail2ban is installed with configs. #This class manages ssh-clients and servers.
class lysnetwork::ssh { class lysnetwork::ssh(
$server_package = $facts['os']['name'] ? { $server_package = undef,
'centos' => 'openssh-server', $client_package = undef,
'OpenSuSE' => 'openssh', $service_name = undef
default => 'openssh-server', ) {
}
$client_package = $facts['os']['name'] ? {
'centos' => 'openssh',
'OpenSuSE' => 'openssh',
'Debian' => 'openssh-client',
'Ubuntu' => 'openssh-client',
default => 'openssh',
}
$service_name = $facts['os']['name'] ? { ensure_packages([$server_package, $client_package])
'centos' => 'sshd',
'OpenSuSE' => 'sshd',
default => 'ssh',
}
package { $server_package:
ensure => installed,
}
package { $client_package:
ensure => installed,
}
service { $service_name: service { $service_name:
ensure => running, ensure => running,
...@@ -64,34 +43,4 @@ class lysnetwork::ssh { ...@@ -64,34 +43,4 @@ class lysnetwork::ssh {
source => "puppet:///modules/lysnetwork/ssh/ssh_config-${facts['os']['name']}", source => "puppet:///modules/lysnetwork/ssh/ssh_config-${facts['os']['name']}",
} }
package { 'fail2ban':
ensure => installed,
before => File['/etc/fail2ban/jail.local'],
}
service { 'fail2ban':
ensure => running,
enable => true,
require => [ Package['fail2ban'],
File['/etc/fail2ban/jail.local'],
File['/etc/fail2ban/action.d/iptables-common.conf'],],
}
file {
'/etc/fail2ban/jail.local':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
source => "puppet:///modules/lysnetwork/fail2ban/jail_local_ssh-${facts['os']['name']}",
}
file {
'/etc/fail2ban/action.d/iptables-common.conf':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
source => 'puppet:///modules/lysnetwork/fail2ban/actions_iptable_common',
}
} }
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment