Forge Home


A Puppet module to install a basic Git SSH server.


6,548 latest version

4.6 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.1.3 (latest)
  • 0.1.2
  • 0.1.1
  • 0.1.0
released Sep 21st 2016
This version is compatible with:
  • , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'locp-gitssh', '0.1.3'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add locp-gitssh
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install locp-gitssh --version 0.1.3

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



locp/gitssh — version 0.1.3 Sep 21st 2016


Table of Contents

  1. Overview
  2. Module Description - What the module does and why it is useful
  3. Setup - The basics of getting started with gitssh
  4. Usage - Configuration options and additional functionality
  5. Reference - An under-the-hood peek at what the module is doing and how
  6. Limitations - OS compatibility, etc.
  7. Development - Guide for contributing to the module


A Puppet module to install a basic Git SSH server. It also manages SSH client access and repositories.

Module Description

This module installs the git package and configures a 'git' user with the /usr/bin/git-shell shell.

SSH clients can be configured using the gitssh::client definition and repositories can be added/removed using the gitssh::repo definition.


What gitssh affects

  • Adds /usr/bin/git-shell to /etc/shells.

  • By default, the following directory tree is created:


Beginning with gitssh

As with most modules, the most basic way to use the module would be:

include '::gitssh'


The following code will:

  • Setup a Git SSH server with default settings
  • Create two clients/users (nick@magpie.puppetlabs.lan and fbl42)
  • Ensure that if a client jbi72 does not have access
include '::gitssh'

gitssh::client { 'nick@magpie.puppetlabs.lan':
  key => 'AAAAB...aQ==',

gitssh::client { 'fbl42':
  key => 'AAAAB...Aq==',

gitssh::client { 'jbi72':
  ensure => absent

The following snippet will create two repositories (foo and bar) and will ensure that any repository called deleteme is absent:

include '::gitssh'

gitssh::repo { 'foo': }
gitssh::repo { 'bar': }

gitssh::repo { 'deleteme':
  ensure => absent


The following Hiera code will reproduce the examples above:

    key: 'AAAAB...aQ=='
    key: 'AAAAB...Aq=='
    ensure: absent

    ensure: present
    ensure: present
    ensure: absent



Defined type gitssh::client


If the SSH key is to be present in the git account. Valid values are present and absent. Default value: present


The type of SSH key. See here for a list of valid values. Default value: 'ssh-rsa'


This value can be left as undef (the default) if ensure is set to absent. Otherwise it should be the SSH key. Default value: undef

Class gitssh


This is set as the home directory for the git user. Default value: '/var/git'


An array of hashes that can be passed to the gitssh::client definition. Default value: []


Passed as the ensure attribute to the package resource. Valid values are present or a specific version number. Default value: present


Passed as the name attribute for the package resource for the git package. Default value: 'git'


Passed as an attribute for the user resource for git. This will remove all SSH keys from the git user that are not controlled by Puppet. This attribute has no effect on version of Puppet < 3.6.0 and will generate a warning unless set to false. Default value: true


An array of hashes that can be passed to the gitssh::repo definition. Default value: []

Defined type gitssh::repo


If the repository is to be present or absent. Default value: present


Currently only developed and tested on CentOS 7, Ubuntu 14.04 and Debian 7.


Contributions will be gratefully accepted. Please go to the project page, fork the project, make your changes locally and then raise a pull request. Details on how to do this are available at


Release Issue/PR Contributer
0.1.2 The module does not work on Puppet 3.4.3 @nl0pvm