
Contents of /puppet/modules/openssh/manifests/init.pp



Revision 436 - (show annotations) (download)
Tue Nov 23 23:17:47 2010 UTC (13 years, 5 months ago) by misc
File size: 1629 byte(s)
move the ldap key from ssh logic to openssh module ( more logical ), and add the hook in openssh config file
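# Installs the OpenSSH server, keeps sshd running and manages
# /etc/ssh/sshd_config from the module's template.
#
# File modes are written as quoted four-digit octal strings: newer Puppet
# releases reject bare integers such as 644, and the quoted form means the
# same thing on older releases.
class openssh {

    # The sftp-server location depends on the architecture on Mandriva (mdv).
    # Not referenced again in this manifest; presumably read by the
    # sshd_config template -- confirm before removing.
    $path_to_sftp = "${lib_dir}/ssh/"

    package { 'openssh-server':
        ensure => installed,
    }

    # sshd is restarted whenever the package or the rendered config changes.
    # A broken template therefore reaches the running daemon straight away;
    # checking the rendered file with `sshd -t` before rollout avoids a lockout.
    # NOTE(review): `path` is the init-script search path, yet the value looks
    # like the script itself -- confirm it is honoured by the provider in use.
    service { 'sshd':
        ensure    => running,
        path      => '/etc/init.d/sshd',
        subscribe => [ Package['openssh-server'], File['sshd_config'] ],
    }

    # Only root may write the daemon configuration; it stays world-readable.
    file { 'sshd_config':
        ensure  => present,
        path    => '/etc/ssh/sshd_config',
        owner   => 'root',
        group   => 'root',
        mode    => '0644',
        require => Package['openssh-server'],
        content => template('openssh/sshd_config'),
    }


    # Prepares a root-owned tree of public keys plus the script that fills it
    # from LDAP. Declared inside openssh, so it is openssh::ssh_keys_from_ldap.
    class ssh_keys_from_ldap {

        package { 'python-ldap':
            ensure => installed,
        }

        # Root-owned and writable by root only, so an unprivileged user cannot
        # replace another account's key file. Presumably the sshd_config
        # template points the key lookup here -- the template is not shown.
        $pubkeys_directory = '/var/lib/pubkeys'
        file { $pubkeys_directory:
            ensure => directory,
            owner  => 'root',
            group  => 'root',
            mode   => '0755',
            # before => Class["openssh"]
        }

        file { "${pubkeys_directory}/root":
            ensure => directory,
            owner  => 'root',
            group  => 'root',
            mode   => '0700',
        }

        # Symlink to root's existing key file, so root's keys are not taken
        # from LDAP. Written as an explicit link/target pair; the original
        # passed the target path through `ensure`, which means the same.
        # NOTE(review): a mode on a symlink may be ignored or applied to the
        # target, and 0700 marks a key file executable -- confirm the intent.
        file { "${pubkeys_directory}/root/authorized_keys":
            ensure => link,
            target => '/root/.ssh/authorized_keys',
            mode   => '0700',
        }

        # Location of the LDAP bind secret. Not referenced again here;
        # presumably read by the script template below. This manifest does not
        # manage the owner or mode of that file, so it has to be restricted
        # to root elsewhere.
        $ldap_pwfile = '/etc/ldap.secret'

        # The script is world-readable (0755), so the template must only carry
        # the path of the secret, never the secret itself.
        # NOTE(review): the template still comes from the restrictshell module
        # although this class lives in openssh -- confirm that is intended.
        file { '/usr/local/bin/ldap-sshkey2file.py':
            ensure  => present,
            owner   => 'root',
            group   => 'root',
            mode    => '0755',
            content => template('restrictshell/ldap-sshkey2file.py'),
            require => Package['python-ldap'],
        }
    }
}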
