Puppet users - Oct 2013 - SSH Module with multiple conditions

I''ve written and deployed a simple Linux SSH module.  But I need to
modify
to include support for FreeBSD and AIX.  On top of that, I need to include 
some conditionals in there that (for example)

if (/etc/file1 contains string abc) ; then
  install sshd-config-x & ssh-config-x
elsif (/etc/file1 contains string xyz); then 
  install sshd_config-y & ssh_config-y
else install sshd_config-z and ssh_config-z.

So I''ve got multiple conditions; one for operating systems one for 
configurations based on the contents of other files.

Here is my current init.pp I''ve come up with from the Pro Puppet book. 
Is
this a good start?  Or do I totally need to scrsp this and restart based on 
my criteria? 

class ssh::params {
  case $operatingsystem {
    freebsd: {
      $ssh_package_name = ''openssh''
      $ssh_service_config = ''/etc/ssh/sshd_config'' 
      $ssh_service_name = ''sshd'' 
    }
    /aix: {
      $ssh_package_name = ''openssh-server''
      $ssh_service_config = ''/etc/ssh/sshd_config'' 
      $ssh_service_name = ''ssh'' 
    }
    /(RedHat|CentOS|Fedora)/: {
      $ssh_package_name = ''openssh-server''
      $ssh_service_config = ''/etc/ssh/sshd_config'' 
      $ssh_service_name = ''sshd'' 
    }
  }
}

class ssh::install {
  package { $ssh::params::package_name:
    ensure => installed,
  }
}

class ssh::config {
  file { "/etc/ssh/sshd_config":
    ensure => present,
    owner => ''root'',
    group => ''root'',
    mode => 0600,
    source => "puppet:///modules/ssh/sshd_config",
    require => Class["ssh::install"],
    notify => Class["ssh::service"],
  }
  file { "/etc/ssh/ssh_config":
    ensure => present,
    owner => ''root'',
    group => ''root'',
    mode => 0440,
    source => "puppet:///modules/ssh/ssh_config",
    require => Class["ssh::install"],
  }
}

class ssh::service {
  service { $ssh::params::ssh_service_name:
    ensure => running,
    hasstatus => true,
    hasrestart => true,
    enable => true,
    require => Class["ssh::config"],
  }
}

class ssh
{
  include ssh::params, ssh::install, ssh::config, ssh::service
}

Here are the configuration files under the file files directory...

[root@puppet ssh]# find files
files
files/default-config-x-sshd.erb
files/default-config-x-ssh.erb
files/default-config-y_sshd_config.erb
files/sshd_config
files/default-config-y_ssh_config.erb
files/ssh_config

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Hey,

Your approach seems fairly solid and should work but two things:

- prefer osfamily over operatingsystem, for example osfamily Redhat = 
operatingsystem RedHat|CentOS|Fedora and a few more
- use osfamily to resolve your files. Instead of ''if string this then
file
that'' just point it to puppet:///modules/ssh/$osfamily/sshd_config

Good luck,

-- 
Daniele Sluijters

On Thursday, 24 October 2013 22:16:00 UTC+2, John wrote:
>
> I''ve written and deployed a simple Linux SSH module.  But I need
to modify
> to include support for FreeBSD and AIX.  On top of that, I need to include 
> some conditionals in there that (for example)
>
> if (/etc/file1 contains string abc) ; then
>   install sshd-config-x & ssh-config-x
> elsif (/etc/file1 contains string xyz); then 
>   install sshd_config-y & ssh_config-y
> else install sshd_config-z and ssh_config-z.
>
> So I''ve got multiple conditions; one for operating systems one for
> configurations based on the contents of other files.
>
> Here is my current init.pp I''ve come up with from the Pro Puppet
book.  Is
> this a good start?  Or do I totally need to scrsp this and restart based on
> my criteria? 
>
> class ssh::params {
>   case $operatingsystem {
>     freebsd: {
>       $ssh_package_name = ''openssh''
>       $ssh_service_config = ''/etc/ssh/sshd_config'' 
>       $ssh_service_name = ''sshd'' 
>     }
>     /aix: {
>       $ssh_package_name = ''openssh-server''
>       $ssh_service_config = ''/etc/ssh/sshd_config'' 
>       $ssh_service_name = ''ssh'' 
>     }
>     /(RedHat|CentOS|Fedora)/: {
>       $ssh_package_name = ''openssh-server''
>       $ssh_service_config = ''/etc/ssh/sshd_config'' 
>       $ssh_service_name = ''sshd'' 
>     }
>   }
> }
>
> class ssh::install {
>   package { $ssh::params::package_name:
>     ensure => installed,
>   }
> }
>
> class ssh::config {
>   file { "/etc/ssh/sshd_config":
>     ensure => present,
>     owner => ''root'',
>     group => ''root'',
>     mode => 0600,
>     source => "puppet:///modules/ssh/sshd_config",
>     require => Class["ssh::install"],
>     notify => Class["ssh::service"],
>   }
>   file { "/etc/ssh/ssh_config":
>     ensure => present,
>     owner => ''root'',
>     group => ''root'',
>     mode => 0440,
>     source => "puppet:///modules/ssh/ssh_config",
>     require => Class["ssh::install"],
>   }
> }
>
> class ssh::service {
>   service { $ssh::params::ssh_service_name:
>     ensure => running,
>     hasstatus => true,
>     hasrestart => true,
>     enable => true,
>     require => Class["ssh::config"],
>   }
> }
>
> class ssh
> {
>   include ssh::params, ssh::install, ssh::config, ssh::service
> }
>
> Here are the configuration files under the file files directory...
>
> [root@puppet ssh]# find files
> files
> files/default-config-x-sshd.erb
> files/default-config-x-ssh.erb
> files/default-config-y_sshd_config.erb
> files/sshd_config
> files/default-config-y_ssh_config.erb
> files/ssh_config
>
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Hey,

One other tip, fully qualify everything to avoid weird behaviour in puppet:

- $::osfamily, not $osfamily
- $::ssh::params, not $ssh::params
- include ::ssh::params, not ssh::params

-- 
Daniele Sluijters

On Thursday, 24 October 2013 22:16:00 UTC+2, John wrote:
>
> I''ve written and deployed a simple Linux SSH module.  But I need
to modify
> to include support for FreeBSD and AIX.  On top of that, I need to include 
> some conditionals in there that (for example)
>
> if (/etc/file1 contains string abc) ; then
>   install sshd-config-x & ssh-config-x
> elsif (/etc/file1 contains string xyz); then 
>   install sshd_config-y & ssh_config-y
> else install sshd_config-z and ssh_config-z.
>
> So I''ve got multiple conditions; one for operating systems one for
> configurations based on the contents of other files.
>
> Here is my current init.pp I''ve come up with from the Pro Puppet
book.  Is
> this a good start?  Or do I totally need to scrsp this and restart based on
> my criteria? 
>
> class ssh::params {
>   case $operatingsystem {
>     freebsd: {
>       $ssh_package_name = ''openssh''
>       $ssh_service_config = ''/etc/ssh/sshd_config'' 
>       $ssh_service_name = ''sshd'' 
>     }
>     /aix: {
>       $ssh_package_name = ''openssh-server''
>       $ssh_service_config = ''/etc/ssh/sshd_config'' 
>       $ssh_service_name = ''ssh'' 
>     }
>     /(RedHat|CentOS|Fedora)/: {
>       $ssh_package_name = ''openssh-server''
>       $ssh_service_config = ''/etc/ssh/sshd_config'' 
>       $ssh_service_name = ''sshd'' 
>     }
>   }
> }
>
> class ssh::install {
>   package { $ssh::params::package_name:
>     ensure => installed,
>   }
> }
>
> class ssh::config {
>   file { "/etc/ssh/sshd_config":
>     ensure => present,
>     owner => ''root'',
>     group => ''root'',
>     mode => 0600,
>     source => "puppet:///modules/ssh/sshd_config",
>     require => Class["ssh::install"],
>     notify => Class["ssh::service"],
>   }
>   file { "/etc/ssh/ssh_config":
>     ensure => present,
>     owner => ''root'',
>     group => ''root'',
>     mode => 0440,
>     source => "puppet:///modules/ssh/ssh_config",
>     require => Class["ssh::install"],
>   }
> }
>
> class ssh::service {
>   service { $ssh::params::ssh_service_name:
>     ensure => running,
>     hasstatus => true,
>     hasrestart => true,
>     enable => true,
>     require => Class["ssh::config"],
>   }
> }
>
> class ssh
> {
>   include ssh::params, ssh::install, ssh::config, ssh::service
> }
>
> Here are the configuration files under the file files directory...
>
> [root@puppet ssh]# find files
> files
> files/default-config-x-sshd.erb
> files/default-config-x-ssh.erb
> files/default-config-y_sshd_config.erb
> files/sshd_config
> files/default-config-y_ssh_config.erb
> files/ssh_config
>
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.