openssh

deprecated
Puppet module for openssh

Example42

example42

11,356 downloads

8,124 latest version

2.0 quality score

Version information

  • 2.0.11 (latest)
  • 2.0.10
  • 2.0.9
  • 2.0.8
  • 2.0.7
released Jun 30th 2015
This module has been deprecated by its author since Oct 28th 2019.

The reason given was: No longer maintained

The author has suggested ghoneycutt-ssh as its replacement.

Start using this module

Documentation

example42/openssh — version 2.0.11 Jun 30th 2015

Puppet module: openssh

DEPRECATION NOTICE

This module is no more actively maintained and will hardly be updated.

Please find an alternative module from other authors or consider Tiny Puppet as replacement.

If you want to maintain this module, contact Alessandro Franceschi

This is a Puppet openssh module from the second generation of Example42 Puppet Modules.

Made by Alessandro Franceschi / Lab42

Official site: http://www.example42.com

Official git repository: http://github.com/example42/puppet-openssh

Released under the terms of Apache 2 License.

This module requires functions provided by the Example42 Puppi module.

For detailed info about the logic and usage patterns of Example42 modules read README.usage on Example42 main modules set.

USAGE - Basic management

  • Install openssh with default settings

      class { "openssh": }
    
  • Disable openssh service.

      class { "openssh":
        disable => true
      }
    
  • Disable openssh service at boot time, but don't stop if is running.

      class { "openssh":
        disableboot => true
      }
    
  • Remove openssh package

      class { "openssh":
        absent => true
      }
    
  • Enable auditing without without making changes on existing openssh configuration files

      class { "openssh":
        audit_only => true
      }
    

USAGE - Overrides and Customizations

  • Use custom sources for main config file

      class { "openssh":
        source => [ "puppet:///modules/lab42/openssh/openssh.conf-${hostname}" , "puppet:///modules/lab42/openssh/openssh.conf" ], 
      }
    
  • Use custom source directory for the whole configuration dir

      class { "openssh":
        source_dir       => "puppet:///modules/lab42/openssh/conf/",
        source_dir_purge => false, # Set to true to purge any existing file not present in $source_dir
      }
    
  • Use custom template for main config file

      class { "openssh":
        template => "example42/openssh/openssh.conf.erb",      
      }
    
  • To manipulate options in your config using the options array you should use this syntax in your config UsePAM <%= scope.function_options_lookup(['UsePAM','no']) %> LogLevel <%= scope.function_options_lookup(['LogLevel','INFO']) %> ListenAddress <%= scope.function_options_lookup(['ListenAddress', '0.0.0.0']) %>

  • Define custom options that can be used in a custom template without the need to add parameters to the openssh class

      class { "openssh":
        template => "example42/openssh/openssh.conf.erb",    
        options  => {
          'LogLevel'      => 'INFO',
          'UsePAM'        => 'yes',
          'ListenAddress' => '0.0.0.0'
        },
      }
    
  • Automaticallly include a custom subclass

      class { "openssh:"
        my_class => 'openssh::example42',
      }
    

== USAGE - Manage a user SSH keys:

  • Use all defaults and place in the user's home directory ssh keys that are stored centrally on the puppet server.

      openssh::key { 'username': }
    

USAGE - Example42 extensions management

  • Activate puppi (recommended, but disabled by default) Note that this option requires the usage of Example42 puppi module

      class { "openssh": 
        puppi    => true,
      }
    
  • Activate puppi and use a custom puppi_helper template (to be provided separately with a puppi::helper define ) to customize the output of puppi commands

      class { "openssh":
        puppi        => true,
        puppi_helper => "myhelper", 
      }
    
  • Activate automatic monitoring (recommended, but disabled by default) This option requires the usage of Example42 monitor and relevant monitor tools modules

      class { "openssh":
        monitor      => true,
        monitor_tool => [ "nagios" , "monit" , "munin" ],
      }
    
  • Activate automatic firewalling This option requires the usage of Example42 firewall and relevant firewall tools modules

      class { "openssh":       
        firewall      => true,
        firewall_tool => "iptables",
        firewall_src  => "10.42.0.0/24",
        firewall_dst  => "$ipaddress_eth0",
      }
    

Build Status