I''ve written and deployed a simple Linux SSH module. But I need to
modify
to include support for FreeBSD and AIX. On top of that, I need to include
some conditionals in there that (for example)
if (/etc/file1 contains string abc) ; then
install sshd-config-x & ssh-config-x
elsif (/etc/file1 contains string xyz); then
install sshd_config-y & ssh_config-y
else install sshd_config-z and ssh_config-z.
So I''ve got multiple conditions; one for operating systems one for
configurations based on the contents of other files.
Here is my current init.pp I''ve come up with from the Pro Puppet book.
Is
this a good start? Or do I totally need to scrsp this and restart based on
my criteria?
class ssh::params {
case $operatingsystem {
freebsd: {
$ssh_package_name = ''openssh''
$ssh_service_config = ''/etc/ssh/sshd_config''
$ssh_service_name = ''sshd''
}
/aix: {
$ssh_package_name = ''openssh-server''
$ssh_service_config = ''/etc/ssh/sshd_config''
$ssh_service_name = ''ssh''
}
/(RedHat|CentOS|Fedora)/: {
$ssh_package_name = ''openssh-server''
$ssh_service_config = ''/etc/ssh/sshd_config''
$ssh_service_name = ''sshd''
}
}
}
class ssh::install {
package { $ssh::params::package_name:
ensure => installed,
}
}
class ssh::config {
file { "/etc/ssh/sshd_config":
ensure => present,
owner => ''root'',
group => ''root'',
mode => 0600,
source => "puppet:///modules/ssh/sshd_config",
require => Class["ssh::install"],
notify => Class["ssh::service"],
}
file { "/etc/ssh/ssh_config":
ensure => present,
owner => ''root'',
group => ''root'',
mode => 0440,
source => "puppet:///modules/ssh/ssh_config",
require => Class["ssh::install"],
}
}
class ssh::service {
service { $ssh::params::ssh_service_name:
ensure => running,
hasstatus => true,
hasrestart => true,
enable => true,
require => Class["ssh::config"],
}
}
class ssh
{
include ssh::params, ssh::install, ssh::config, ssh::service
}
Here are the configuration files under the file files directory...
[root@puppet ssh]# find files
files
files/default-config-x-sshd.erb
files/default-config-x-ssh.erb
files/default-config-y_sshd_config.erb
files/sshd_config
files/default-config-y_ssh_config.erb
files/ssh_config
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Daniele Sluijters
2013-Oct-24 21:27 UTC
[Puppet Users] Re: SSH Module with multiple conditions
Hey, Your approach seems fairly solid and should work but two things: - prefer osfamily over operatingsystem, for example osfamily Redhat = operatingsystem RedHat|CentOS|Fedora and a few more - use osfamily to resolve your files. Instead of ''if string this then file that'' just point it to puppet:///modules/ssh/$osfamily/sshd_config Good luck, -- Daniele Sluijters On Thursday, 24 October 2013 22:16:00 UTC+2, John wrote:> > I''ve written and deployed a simple Linux SSH module. But I need to modify > to include support for FreeBSD and AIX. On top of that, I need to include > some conditionals in there that (for example) > > if (/etc/file1 contains string abc) ; then > install sshd-config-x & ssh-config-x > elsif (/etc/file1 contains string xyz); then > install sshd_config-y & ssh_config-y > else install sshd_config-z and ssh_config-z. > > So I''ve got multiple conditions; one for operating systems one for > configurations based on the contents of other files. > > Here is my current init.pp I''ve come up with from the Pro Puppet book. Is > this a good start? Or do I totally need to scrsp this and restart based on > my criteria? > > class ssh::params { > case $operatingsystem { > freebsd: { > $ssh_package_name = ''openssh'' > $ssh_service_config = ''/etc/ssh/sshd_config'' > $ssh_service_name = ''sshd'' > } > /aix: { > $ssh_package_name = ''openssh-server'' > $ssh_service_config = ''/etc/ssh/sshd_config'' > $ssh_service_name = ''ssh'' > } > /(RedHat|CentOS|Fedora)/: { > $ssh_package_name = ''openssh-server'' > $ssh_service_config = ''/etc/ssh/sshd_config'' > $ssh_service_name = ''sshd'' > } > } > } > > class ssh::install { > package { $ssh::params::package_name: > ensure => installed, > } > } > > class ssh::config { > file { "/etc/ssh/sshd_config": > ensure => present, > owner => ''root'', > group => ''root'', > mode => 0600, > source => "puppet:///modules/ssh/sshd_config", > require => Class["ssh::install"], > notify => Class["ssh::service"], > } > file { "/etc/ssh/ssh_config": > ensure => present, > owner => ''root'', > group => ''root'', > mode => 0440, > source => "puppet:///modules/ssh/ssh_config", > require => Class["ssh::install"], > } > } > > class ssh::service { > service { $ssh::params::ssh_service_name: > ensure => running, > hasstatus => true, > hasrestart => true, > enable => true, > require => Class["ssh::config"], > } > } > > class ssh > { > include ssh::params, ssh::install, ssh::config, ssh::service > } > > Here are the configuration files under the file files directory... > > [root@puppet ssh]# find files > files > files/default-config-x-sshd.erb > files/default-config-x-ssh.erb > files/default-config-y_sshd_config.erb > files/sshd_config > files/default-config-y_ssh_config.erb > files/ssh_config >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
Daniele Sluijters
2013-Oct-24 21:29 UTC
[Puppet Users] Re: SSH Module with multiple conditions
Hey, One other tip, fully qualify everything to avoid weird behaviour in puppet: - $::osfamily, not $osfamily - $::ssh::params, not $ssh::params - include ::ssh::params, not ssh::params -- Daniele Sluijters On Thursday, 24 October 2013 22:16:00 UTC+2, John wrote:> > I''ve written and deployed a simple Linux SSH module. But I need to modify > to include support for FreeBSD and AIX. On top of that, I need to include > some conditionals in there that (for example) > > if (/etc/file1 contains string abc) ; then > install sshd-config-x & ssh-config-x > elsif (/etc/file1 contains string xyz); then > install sshd_config-y & ssh_config-y > else install sshd_config-z and ssh_config-z. > > So I''ve got multiple conditions; one for operating systems one for > configurations based on the contents of other files. > > Here is my current init.pp I''ve come up with from the Pro Puppet book. Is > this a good start? Or do I totally need to scrsp this and restart based on > my criteria? > > class ssh::params { > case $operatingsystem { > freebsd: { > $ssh_package_name = ''openssh'' > $ssh_service_config = ''/etc/ssh/sshd_config'' > $ssh_service_name = ''sshd'' > } > /aix: { > $ssh_package_name = ''openssh-server'' > $ssh_service_config = ''/etc/ssh/sshd_config'' > $ssh_service_name = ''ssh'' > } > /(RedHat|CentOS|Fedora)/: { > $ssh_package_name = ''openssh-server'' > $ssh_service_config = ''/etc/ssh/sshd_config'' > $ssh_service_name = ''sshd'' > } > } > } > > class ssh::install { > package { $ssh::params::package_name: > ensure => installed, > } > } > > class ssh::config { > file { "/etc/ssh/sshd_config": > ensure => present, > owner => ''root'', > group => ''root'', > mode => 0600, > source => "puppet:///modules/ssh/sshd_config", > require => Class["ssh::install"], > notify => Class["ssh::service"], > } > file { "/etc/ssh/ssh_config": > ensure => present, > owner => ''root'', > group => ''root'', > mode => 0440, > source => "puppet:///modules/ssh/ssh_config", > require => Class["ssh::install"], > } > } > > class ssh::service { > service { $ssh::params::ssh_service_name: > ensure => running, > hasstatus => true, > hasrestart => true, > enable => true, > require => Class["ssh::config"], > } > } > > class ssh > { > include ssh::params, ssh::install, ssh::config, ssh::service > } > > Here are the configuration files under the file files directory... > > [root@puppet ssh]# find files > files > files/default-config-x-sshd.erb > files/default-config-x-ssh.erb > files/default-config-y_sshd_config.erb > files/sshd_config > files/default-config-y_ssh_config.erb > files/ssh_config >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.