User story #3664 » sshConfiguration.diff
| techniques/systemSettings/remoteAccess/sshConfiguration/2.1/bodies.st 2013-06-12 17:22:57.000000000 +0200 | ||
|---|---|---|
|
insert_lines:
|
||
|
"Port ${portlist}";
|
||
|
}
|
||
|
bundle edit_line rudder_openssh_server_address_configuration(addresslist)
|
||
|
{
|
||
|
delete_lines:
|
||
|
"ListenAddress.*";
|
||
|
insert_lines:
|
||
|
"ListenAddress ${addresslist}";
|
||
|
}
|
||
| techniques/systemSettings/remoteAccess/sshConfiguration/2.1/configuration.st 2013-06-13 11:27:24.000000000 +0200 | ||
|---|---|---|
|
"sshPorts"
|
||
|
slist => {&OPENSSH_SERVER_PORTS: { "&it&" };separator=", "&};
|
||
|
"sshAddresses"
|
||
|
slist => {&OPENSSH_SERVER_ADDRESSES: { "&it&" };separator=", "&};
|
||
|
# OS Specific parameters
|
||
|
debian::
|
||
| ... | ... | |
|
"rudder_openssh_server_ports_edit"
|
||
|
not => strcmp("&OPENSSH_SERVER_PORTSEDIT&","false");
|
||
|
# Addresses edition ?
|
||
|
"rudder_openssh_server_addresses_edit"
|
||
|
not => strcmp("&OPENSSH_SERVER_ADDRESSESEDIT&","false");
|
||
|
# Protocol edition ?
|
||
|
"rudder_openssh_server_protocol_edit"
|
||
|
not => strcmp("&OPENSSH_SERVER_PROTOCOL&","dontchange");
|
||
| ... | ... | |
|
classes => rudder_common_classes("rudder_openssh_server_ports"),
|
||
|
comment => "Edit the OpenSSH listening ports in the configuration file";
|
||
|
(debian|redhat|SuSE).rudder_openssh_server_addresses_edit::
|
||
|
"${rudder_openssh_server_config}"
|
||
|
edit_line => rudder_openssh_server_address_configuration("@{this.sshAddresses}"),
|
||
|
classes => rudder_common_classes("rudder_openssh_server_addresses"),
|
||
|
comment => "Edit the OpenSSH listening addresses in the configuration file";
|
||
|
(debian|redhat|SuSE)::
|
||
|
"${rudder_openssh_server_config}"
|
||
|
edit_line => set_config_values("rudder_openssh_server_configuration.sshd"),
|
||
| ... | ... | |
|
usebundle => rudder_common_report("${service_name}", "result_success", "&TRACKINGKEY&", "SSH port configuration", "None", "The ${service_name} ports are not requested to be enforced"),
|
||
|
ifvarclass => "!rudder_openssh_server_ports_edit";
|
||
|
"any"
|
||
|
usebundle => rudder_common_report("${service_name}", "result_success", "&TRACKINGKEY&", "SSH address configuration", "None", "The ${service_name} addresses are not requested to be enforced"), ifvarclass => "!rudder_openssh_server_addresses_edit";
|
||
|
processes:
|
||
|
(debian|redhat|SuSE)::
|
||
| ... | ... | |
|
comment => "Checking whether OpenSSH is up or not";
|
||
|
commands:
|
||
|
(debian|redhat|SuSE).(rudder_openssh_server_ports_repaired|rudder_openssh_server_configuration_repaired|rudder_openssh_server_down)::
|
||
|
(debian|redhat|SuSE).(rudder_openssh_server_ports_repaired|rudder_openssh_server_addresses_repaired|rudder_openssh_server_configuration_repaired|rudder_openssh_server_down)::
|
||
|
"${rudder_openssh_server_startup_init_name}"
|
||
|
args => "restart",
|
||
|
classes => cf2_if_else("rudder_openssh_server_daemon_restart_repaired", "rudder_openssh_server_daemon_restart_error"),
|
||
| ... | ... | |
|
methods:
|
||
|
# SSH configuration file
|
||
|
"any" usebundle => rudder_common_reports_generic("OpenSSH server", "rudder_openssh_server_ports", "&TRACKINGKEY&", "SSH port configuration", "None", "The ${service_name} port configuration");
|
||
|
"any" usebundle => rudder_common_reports_generic("OpenSSH server", "rudder_openssh_server_addresses", "&TRACKINGKEY&", "SSH address configuration", "None", "The ${service_name} address configuration");
|
||
|
"any" usebundle => rudder_common_reports_generic("OpenSSH server", "rudder_openssh_server_configuration", "&TRACKINGKEY&", "SSH configuration", "None", "The ${service_name} configuration");
|
||
|
# SSH start on boot
|
||
|
"any" usebundle => rudder_common_reports_generic("OpenSSH server", "rudder_openssh_server_activated_on_boot", "&TRACKINGKEY&", "SSH start at boot", "None", "The ${service_name} boot starting configuration");
|
||
| techniques/systemSettings/remoteAccess/sshConfiguration/2.1/metadata.xml 2013-06-13 11:20:23.000000000 +0200 | ||
|---|---|---|
|
<!-- Sections for reporting only, variables are separate below -->
|
||
|
<SECTION name="SSH installation" component="true" />
|
||
|
<SECTION name="SSH port configuration" component="true" />
|
||
|
<SECTION name="SSH address configuration" component="true" />
|
||
|
<SECTION name="SSH configuration" component="true" />
|
||
|
<SECTION name="SSH process" component="true" />
|
||
|
<SECTION name="SSH start at boot" component="true" />
|
||
| ... | ... | |
|
</CONSTRAINT>
|
||
|
</INPUT>
|
||
|
</SECTION>
|
||
|
<INPUT>
|
||
|
<NAME>OPENSSH_SERVER_ADDRESSESEDIT</NAME>
|
||
|
<DESCRIPTION>Do you want to define the Addresses ?</DESCRIPTION>
|
||
|
<CONSTRAINT>
|
||
|
<TYPE>boolean</TYPE>
|
||
|
</CONSTRAINT>
|
||
|
</INPUT>
|
||
|
<SECTION name="SSH addresses" multivalued="true">
|
||
|
<INPUT>
|
||
|
<NAME>OPENSSH_SERVER_ADDRESSES</NAME>
|
||
|
<DESCRIPTION>Ip Address that SSH listens on</DESCRIPTION>
|
||
|
<CONSTRAINT>
|
||
|
<TYPE>ip</TYPE>
|
||
|
<DEFAULT>0.0.0.0</DEFAULT>
|
||
|
</CONSTRAINT>
|
||
|
</INPUT>
|
||
|
</SECTION>
|
||
|
<INPUT>
|
||
|
<NAME>OPENSSH_SERVER_PROTOCOL</NAME>
|
||
|
<DESCRIPTION>Supported protocol version(s)</DESCRIPTION>
|
||