diff options
author | Jenkins <jenkins@review.openstack.org> | 2017-01-27 12:29:12 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2017-01-27 12:29:12 +0000 |
commit | ef741fab9bf8f649be6ec8f7cef14f5b841f93c6 (patch) | |
tree | e4c521d24dbe993b2fe38531e3c24c0b81a531a8 | |
parent | 91a231d80815dc2ad45cc9502151e68b636090d0 (diff) | |
parent | 73f58792f90942be1e2dc0ef67eac0a47d9aba18 (diff) |
Merge "Adds SSH Banner text into sshd_config"
-rw-r--r-- | ci/environments/scenario001-multinode.yaml | 10 | ||||
-rw-r--r-- | environments/sshd-banner.yaml | 13 | ||||
-rw-r--r-- | overcloud-resource-registry-puppet.j2.yaml | 1 | ||||
-rw-r--r-- | puppet/services/sshd.yaml | 34 | ||||
-rw-r--r-- | roles_data.yaml | 5 |
5 files changed, 63 insertions, 0 deletions
diff --git a/ci/environments/scenario001-multinode.yaml b/ci/environments/scenario001-multinode.yaml index db6967e0..bfda8cc0 100644 --- a/ci/environments/scenario001-multinode.yaml +++ b/ci/environments/scenario001-multinode.yaml @@ -34,6 +34,7 @@ parameter_defaults: - OS::TripleO::Services::NovaScheduler - OS::TripleO::Services::Ntp - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Sshd - OS::TripleO::Services::Timezone - OS::TripleO::Services::NovaCompute - OS::TripleO::Services::NovaLibvirt @@ -81,3 +82,12 @@ parameter_defaults: GlanceBackend: rbd GnocchiBackend: rbd CinderEnableIscsiBackend: false + BannerText: | + ****************************************************************** + * This system is for the use of authorized users only. Usage of * + * this system may be monitored and recorded by system personnel. * + * Anyone using this system expressly consents to such monitoring * + * and is advised that if such monitoring reveals possible * + * evidence of criminal activity, system personnel may provide * + * the evidence from such monitoring to law enforcement officials.* + ****************************************************************** diff --git a/environments/sshd-banner.yaml b/environments/sshd-banner.yaml new file mode 100644 index 00000000..041c0990 --- /dev/null +++ b/environments/sshd-banner.yaml @@ -0,0 +1,13 @@ +resource_registry: + OS::TripleO::Services::Sshd: ../puppet/services/sshd.yaml + +parameter_defaults: + BannerText: | + ****************************************************************** + * This system is for the use of authorized users only. Usage of * + * this system may be monitored and recorded by system personnel. * + * Anyone using this system expressly consents to such monitoring * + * and is advised that if such monitoring reveals possible * + * evidence of criminal activity, system personnel may provide * + * the evidence from such monitoring to law enforcement officials.* + ****************************************************************** diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index 7c4e78fa..28384203 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -171,6 +171,7 @@ resource_registry: OS::TripleO::Services::Memcached: puppet/services/memcached.yaml OS::TripleO::Services::SaharaApi: OS::Heat::None OS::TripleO::Services::SaharaEngine: OS::Heat::None + OS::TripleO::Services::Sshd: OS::Heat::None OS::TripleO::Services::Redis: puppet/services/database/redis.yaml OS::TripleO::Services::NovaConductor: puppet/services/nova-conductor.yaml OS::TripleO::Services::MongoDb: puppet/services/database/mongodb.yaml diff --git a/puppet/services/sshd.yaml b/puppet/services/sshd.yaml new file mode 100644 index 00000000..41e144a0 --- /dev/null +++ b/puppet/services/sshd.yaml @@ -0,0 +1,34 @@ +heat_template_version: ocata + +description: > + Configure sshd_config + +parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + BannerText: + default: '' + description: Configures Banner text in sshd_config + type: string + +outputs: + role_data: + description: Role data for the ssh + value: + service_name: sshd + config_settings: + BannerText: {get_param: BannerText} + step_config: | + include ::tripleo::profile::base::sshd diff --git a/roles_data.yaml b/roles_data.yaml index a21ef961..58c5290f 100644 --- a/roles_data.yaml +++ b/roles_data.yaml @@ -72,6 +72,7 @@ - OS::TripleO::Services::SwiftStorage - OS::TripleO::Services::SwiftRingBuilder - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Sshd - OS::TripleO::Services::Timezone - OS::TripleO::Services::CeilometerApi - OS::TripleO::Services::CeilometerCollector @@ -123,6 +124,7 @@ - OS::TripleO::Services::Timezone - OS::TripleO::Services::Ntp - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Sshd - OS::TripleO::Services::NovaCompute - OS::TripleO::Services::NovaLibvirt - OS::TripleO::Services::Kernel @@ -146,6 +148,7 @@ - OS::TripleO::Services::Ntp - OS::TripleO::Services::Timezone - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Sshd - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall - OS::TripleO::Services::SensuClient @@ -160,6 +163,7 @@ - OS::TripleO::Services::SwiftStorage - OS::TripleO::Services::SwiftRingBuilder - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Sshd - OS::TripleO::Services::Timezone - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall @@ -174,6 +178,7 @@ - OS::TripleO::Services::Kernel - OS::TripleO::Services::Ntp - OS::TripleO::Services::Snmp + - OS::TripleO::Services::Sshd - OS::TripleO::Services::Timezone - OS::TripleO::Services::TripleoPackages - OS::TripleO::Services::TripleoFirewall |