Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 19 additions & 1 deletion REFERENCE.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
* `ssh::client::install`: Install ssh client package
* `ssh::server::config`: Managed ssh server configuration
* `ssh::server::install`: Install ssh server package
* `ssh::server::service`: This class managed ssh server service
* `ssh::server::service`: This class manages the ssh server service

### Defined types

Expand Down Expand Up @@ -613,6 +613,8 @@ The following parameters are available in the `ssh::server` class:
* [`config_group`](#-ssh--server--config_group)
* [`default_options`](#-ssh--server--default_options)
* [`ensure`](#-ssh--server--ensure)
* [`service_ensure`](#-ssh--server--service_ensure)
* [`service_enable`](#-ssh--server--service_enable)
* [`include_dir`](#-ssh--server--include_dir)
* [`include_dir_mode`](#-ssh--server--include_dir_mode)
* [`include_dir_purge`](#-ssh--server--include_dir_purge)
Expand Down Expand Up @@ -731,6 +733,22 @@ Ensurable param to ssh server

Default value: `present`

##### <a name="-ssh--server--service_ensure"></a>`service_ensure`

Data type: `Stdlib::Ensure::Service`

Whether the service should be running or stopped, defaults to true when ensure is set to present, otherwise false

Default value: `$ensure ? { 'present' => 'running', 'absent' => 'stopped'`

##### <a name="-ssh--server--service_enable"></a>`service_enable`

Data type: `Boolean`

Whether the service should be started at boot. Will be added automatically if ensure is running/removed if ensure is stopped

Default value: `($service_ensure == 'running'`

##### <a name="-ssh--server--include_dir"></a>`include_dir`

Data type: `Optional[Stdlib::Absolutepath]`
Expand Down
8 changes: 8 additions & 0 deletions manifests/server.pp
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,12 @@
# @param ensure
# Ensurable param to ssh server
#
# @param service_ensure
# Whether the service should be running or stopped, defaults to true when ensure is set to present, otherwise false
#
# @param service_enable
# Whether the service should be started at boot. Will be added automatically if ensure is running/removed if ensure is stopped
#
# @param include_dir
# Path to sshd include directory.
#
Expand Down Expand Up @@ -127,6 +133,8 @@
Variant[Integer, String[1]] $config_group,
Hash $default_options,
String $ensure = present,
Stdlib::Ensure::Service $service_ensure = $ensure ? { 'present' => 'running', 'absent' => 'stopped' },
Boolean $service_enable = ($service_ensure == 'running'),
Optional[Stdlib::Absolutepath] $include_dir = undef,
Stdlib::Filemode $include_dir_mode = '0700',
Boolean $include_dir_purge = true,
Expand Down
17 changes: 4 additions & 13 deletions manifests/server/service.pp
Original file line number Diff line number Diff line change
@@ -1,25 +1,16 @@
# @summary
# This class managed ssh server service
# This class manages the ssh server service
#
# @api private
#
# @param ensure
# Ensurable service param
#
# @param enable
# Define if service is enable
#
class ssh::server::service (
Stdlib::Ensure::Service $ensure = 'running',
Boolean $enable = true,
) {
class ssh::server::service {
assert_private()

service { $ssh::server::service_name:
ensure => $ssh::server::service::ensure,
ensure => $ssh::server::service_ensure,
hasstatus => true,
hasrestart => true,
enable => $ssh::server::service::enable,
enable => $ssh::server::service_enable,
require => Class['ssh::server::config'],
}
}
83 changes: 83 additions & 0 deletions spec/classes/client_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -140,6 +140,89 @@
it { is_expected.to compile.with_all_deps }
it { is_expected.not_to contain_ssh__client__config_file('custom') }
end

context 'with use_augeas enabled' do
let :pre_condition do
'define ssh_config ($ensure = present, $key = undef, $value = undef, $target = undef, $host = undef) {}'
end

let :params do
{
use_augeas: true,
options: {
'ForwardAgent' => 'no',
'StrictHostKeyChecking' => 'ask',
},
options_absent: ['GSSAPIAuthentication'],
}
end

it { is_expected.to compile.with_all_deps }
it { is_expected.not_to contain_concat('/etc/ssh/ssh_config') }

it {
is_expected.to contain_ssh_config('ForwardAgent').with(
ensure: 'present',
key: 'ForwardAgent',
value: 'no',
target: '/etc/ssh/ssh_config',
)
}

it {
is_expected.to contain_ssh_config('StrictHostKeyChecking').with(
ensure: 'present',
key: 'StrictHostKeyChecking',
value: 'ask',
)
}

it {
is_expected.to contain_ssh_config('GSSAPIAuthentication').with(
ensure: 'absent',
key: 'GSSAPIAuthentication',
)
}
end

context 'with use_augeas and host block options' do
let :pre_condition do
'define ssh_config ($ensure = present, $key = undef, $value = undef, $target = undef, $host = undef) {}'
end

let :params do
{
use_augeas: true,
options: {
'Host *.example.com' => {
'ForwardAgent' => 'yes',
'BatchMode' => 'yes',
},
},
options_absent: [],
}
end

it { is_expected.to compile.with_all_deps }

it {
is_expected.to contain_ssh_config('ForwardAgent *.example.com').with(
ensure: 'present',
host: '*.example.com',
key: 'ForwardAgent',
value: 'yes',
)
}

it {
is_expected.to contain_ssh_config('BatchMode *.example.com').with(
ensure: 'present',
host: '*.example.com',
key: 'BatchMode',
value: 'yes',
)
}
end
end
end
end
Loading
Loading