aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--manifests/profile/base/sshd.pp61
-rw-r--r--releasenotes/notes/sshd-437c531301f458bb.yaml3
-rw-r--r--spec/classes/tripleo_profile_base_sshd_spec.rb30
3 files changed, 94 insertions, 0 deletions
diff --git a/manifests/profile/base/sshd.pp b/manifests/profile/base/sshd.pp
new file mode 100644
index 0000000..e7916c1
--- /dev/null
+++ b/manifests/profile/base/sshd.pp
@@ -0,0 +1,61 @@
+# Copyright 2016 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::sshd
+#
+# SSH profile for tripleo
+#
+# === Parameters
+#
+# [*bannertext*]
+# The text used within SSH Banner
+# Defaults to hiera('BannerText')
+#
+class tripleo::profile::base::sshd (
+ $bannertext = hiera('BannerText', undef),
+) {
+
+ if $bannertext {
+ $action = 'set'
+ } else {
+ $action = 'rm'
+ }
+
+ package {'openssh-server':
+ ensure => installed,
+ }
+
+ augeas { 'sshd_config_banner':
+ context => '/files/etc/ssh/sshd_config',
+ changes => [ "${action} Banner /etc/issue" ],
+ notify => Service['sshd']
+ }
+
+ file { '/etc/issue':
+ ensure => file,
+ backup => false,
+ content => $bannertext,
+ owner => 'root',
+ group => 'root',
+ mode => '0600'
+ }
+
+ service { 'sshd':
+ ensure => 'running',
+ enable => true,
+ hasstatus => false,
+ require => Package['openssh-server'],
+ }
+}
diff --git a/releasenotes/notes/sshd-437c531301f458bb.yaml b/releasenotes/notes/sshd-437c531301f458bb.yaml
new file mode 100644
index 0000000..0086cb0
--- /dev/null
+++ b/releasenotes/notes/sshd-437c531301f458bb.yaml
@@ -0,0 +1,3 @@
+---
+features:
+ - Added manifest and template to enable configuration of sshd_config
diff --git a/spec/classes/tripleo_profile_base_sshd_spec.rb b/spec/classes/tripleo_profile_base_sshd_spec.rb
new file mode 100644
index 0000000..210b41c
--- /dev/null
+++ b/spec/classes/tripleo_profile_base_sshd_spec.rb
@@ -0,0 +1,30 @@
+# Copyright 2016 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+
+require 'spec_helper'
+
+describe 'tripleo::profile::base::sshd' do
+
+ context 'with banner configured' do
+ it do
+ is_expected.to contain_file('/etc/issue').with({
+ 'owner' => 'root',
+ 'group' => 'root',
+ 'mode' => '0600',
+ })
+ end
+ end
+end