Merge pull request #14 from ghoneycutt/support_multiple_os

Add ability to add more OS's and add spec tests

Modulefile

@@ -1,5 +1,5 @@
 name    'ghoneycutt-ssh'
-version '2.0.1'
+version '2.2.0'
 source 'git://github.com/ghoneycutt/puppet-module-ssh.git'
 author 'ghoneycutt'
 license 'Apache License, Version 2.0'

README.md

@@ -234,4 +234,3 @@ ssh::keys:
     ensure: absent
     user: root
 </pre>
-

manifests/init.pp

@@ -16,9 +16,7 @@
 #     user: root
 #
 class ssh (
-  $packages                         = ['openssh-server',
+  $packages                         = 'USE_DEFAULTS',
-                                        'openssh-server',
-                                        'openssh-clients'],
   $permit_root_login                = 'no',
   $purge_keys                       = 'true',
   $manage_firewall                  = false,
@@ -40,7 +38,7 @@ class ssh (
   $sshd_config_use_dns              = 'yes',
   $sshd_config_banner               = 'none',
   $sshd_config_xauth_location       = '/usr/bin/xauth',
-  $sshd_config_subsystem_sftp       = '/usr/libexec/openssh/sftp-server',
+  $sshd_config_subsystem_sftp       = 'USE_DEFAULTS',
   $service_ensure                   = 'running',
   $service_name                     = 'sshd',
   $service_enable                   = 'true',
@@ -83,9 +81,33 @@ class ssh (
     }
   }
 
+  case $::osfamily {
+    'RedHat': {
+      $default_packages                   = ['openssh-server',
+                                              'openssh-server',
+                                              'openssh-clients']
+      $default_sshd_config_subsystem_sftp = '/usr/libexec/openssh/sftp-server'
+    }
+    default: {
+      fail("ssh supports osfamily RedHat. Detected osfamily is <${::osfamily}>.")
+    }
+  }
+
+  if $packages == 'USE_DEFAULTS' {
+    $packages_real = $default_packages
+  } else {
+    $packages_real = $packages
+  }
+
+  if $sshd_config_subsystem_sftp == 'USE_DEFAULTS' {
+    $sshd_config_subsystem_sftp_real = $default_sshd_config_subsystem_sftp
+  } else {
+    $sshd_config_subsystem_sftp_real = $sshd_config_subsystem_sftp
+  }
+
   package { 'ssh_packages':
     ensure => installed,
-    name   => $packages,
+    name   => $packages_real,
   }
 
   file  { 'ssh_config' :

spec/classes/init_spec.rb

@@ -1,10 +1,11 @@
 require 'spec_helper'
 describe 'ssh' do
 
-  context 'with default params' do
+  context 'with default params on osfamily RedHat' do
     let :facts do
       {
         :fqdn      => 'monkey.example.com',
+        :osfamily  => 'RedHat',
         :sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
       }
     end
@@ -45,10 +46,42 @@ describe 'ssh' do
       })
     }
 
+    it {
+      should contain_file('sshd_config').with_content(/^SyslogFacility AUTH$/)
+    }
+
+    it {
+      should contain_file('sshd_config').with_content(/^LoginGraceTime 120$/)
+    }
+
     it {
       should contain_file('sshd_config').with_content(/^PermitRootLogin no$/)
     }
 
+    it {
+      should contain_file('sshd_config').with_content(/^ChallengeResponseAuthentication no$/)
+    }
+
+    it {
+      should contain_file('sshd_config').with_content(/^PrintMotd yes$/)
+    }
+
+    it {
+      should contain_file('sshd_config').with_content(/^UseDNS yes$/)
+    }
+
+    it {
+      should contain_file('sshd_config').with_content(/^Banner none$/)
+    }
+
+    it {
+      should contain_file('sshd_config').with_content(/^XAuthLocation \/usr\/bin\/xauth$/)
+    }
+
+    it {
+      should contain_file('sshd_config').with_content(/^Subsystem sftp \/usr\/libexec\/openssh\/sftp-server$/)
+    }
+
     it {
       should contain_service('sshd_service').with({
         'ensure'     => 'running',
@@ -67,7 +100,7 @@ describe 'ssh' do
     }
   end
 
-  context 'with manage_root_ssh_config set to \'true\'' do
+  context 'with manage_root_ssh_config set to \'true\' on valid osfamily' do
     let :facts do
       {
         :fqdn      => 'monkey.example.com',
@@ -84,60 +117,6 @@ describe 'ssh' do
 
     it { should include_class('common')}
 
-    it {
-      should contain_package('ssh_packages').with({
-        'ensure' => 'installed',
-        'name'   => ['openssh-server','openssh-server','openssh-clients'],
-      })
-    }
-
-    it {
-      should contain_file('ssh_config').with({
-        'ensure' => 'file',
-        'path'    => '/etc/ssh/ssh_config',
-        'owner'   => 'root',
-        'group'   => 'root',
-        'mode'    => '0644',
-        'require' => 'Package[ssh_packages]',
-      })
-    }
-
-    it {
-      should contain_file('ssh_config').with_content(/^# This file is being maintained by Puppet.\n# DO NOT EDIT\n\n# \$OpenBSD: ssh_config,v 1.21 2005\/12\/06 22:38:27 reyk Exp \$/)
-    }
-
-    it {
-      should contain_file('sshd_config').with({
-        'ensure' => 'file',
-        'path'    => '/etc/ssh/sshd_config',
-        'owner'   => 'root',
-        'group'   => 'root',
-        'mode'    => '0600',
-        'require' => 'Package[ssh_packages]',
-      })
-    }
-
-    it {
-      should contain_file('sshd_config').with_content(/^PermitRootLogin no$/)
-    }
-
-    it {
-      should contain_service('sshd_service').with({
-        'ensure'     => 'running',
-        'name'       => 'sshd',
-        'enable'     => 'true',
-        'hasrestart' => 'true',
-        'hasstatus'  => 'true',
-        'subscribe'  => 'File[sshd_config]',
-      })
-    }
-
-    it {
-      should contain_resources('sshkey').with({
-        'purge' => 'true',
-      })
-    }
-
     it {
       should contain_file('root_ssh_dir').with({
         'ensure'  => 'directory',
@@ -148,9 +127,19 @@ describe 'ssh' do
         'require' => 'Common::Mkdir_p[/root/.ssh]',
       })
     }
+
+    it {
+      should contain_file('root_ssh_config').with({
+        'ensure'  => 'file',
+        'path'    => '/root/.ssh/config',
+        'owner'   => 'root',
+        'group'   => 'root',
+        'mode'    => '0600',
+      })
+    }
   end
 
-  context 'with manage_root_ssh_config set to invalid value' do
+  context 'with manage_root_ssh_config set to invalid value on valid osfamily' do
     let :facts do
       {
         :fqdn      => 'monkey.example.com',
@@ -170,10 +159,11 @@ describe 'ssh' do
     end
   end
 
-  context 'with manage_firewall set to true' do
+  context 'with manage_firewall set to true on valid osfamily' do
     let :facts do
       {
         :fqdn      => 'monkey.example.com',
+        :osfamily  => 'RedHat',
         :sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
       }
     end
@@ -185,60 +175,6 @@ describe 'ssh' do
 
     it { should_not include_class('common')}
 
-    it {
-      should contain_package('ssh_packages').with({
-        'ensure' => 'installed',
-        'name'   => ['openssh-server','openssh-server','openssh-clients'],
-      })
-    }
-
-    it {
-      should contain_file('ssh_config').with({
-        'ensure' => 'file',
-        'path'    => '/etc/ssh/ssh_config',
-        'owner'   => 'root',
-        'group'   => 'root',
-        'mode'    => '0644',
-        'require' => 'Package[ssh_packages]',
-      })
-    }
-
-    it {
-      should contain_file('ssh_config').with_content(/^# This file is being maintained by Puppet.\n# DO NOT EDIT\n\n# \$OpenBSD: ssh_config,v 1.21 2005\/12\/06 22:38:27 reyk Exp \$/)
-    }
-
-    it {
-      should contain_file('sshd_config').with({
-        'ensure' => 'file',
-        'path'    => '/etc/ssh/sshd_config',
-        'owner'   => 'root',
-        'group'   => 'root',
-        'mode'    => '0600',
-        'require' => 'Package[ssh_packages]',
-      })
-    }
-
-    it {
-      should contain_file('sshd_config').with_content(/^PermitRootLogin no$/)
-    }
-
-    it {
-      should contain_service('sshd_service').with({
-        'ensure'     => 'running',
-        'name'       => 'sshd',
-        'enable'     => 'true',
-        'hasrestart' => 'true',
-        'hasstatus'  => 'true',
-        'subscribe'  => 'File[sshd_config]',
-      })
-    }
-
-    it {
-      should contain_resources('sshkey').with({
-        'purge' => 'true',
-      })
-    }
-
     it {
       should contain_firewall('22 open port 22 for SSH').with({
         'action' => 'accept',
@@ -247,7 +183,11 @@ describe 'ssh' do
       })
     }
   end
-  context 'with keys defined' do
+
+  context 'with keys defined on valid osfamily' do
+    let :facts do
+      { :osfamily  => 'RedHat' }
+    end
     let(:params) { { :keys => {
       'root_for_userX' => {
         'ensure' => 'present',
@@ -267,6 +207,9 @@ describe 'ssh' do
         'type'   => 'dsa',
         'key'    => 'AAAA==',
       })
+    }
+
+    it {
       should contain_ssh_authorized_key('root_for_userY').with({
         'ensure' => 'absent',
         'user'   => 'root',

templates/sshd_config.erb

@@ -126,4 +126,4 @@ Banner <%= @sshd_config_banner %>
 XAuthLocation <%= @sshd_config_xauth_location %>
 
 # override default of no subsystems
-Subsystem	sftp	<%= @sshd_config_subsystem_sftp %>
+Subsystem sftp <%= @sshd_config_subsystem_sftp_real %>