puppet/ssh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #162 from andrei693/Add_multiple_ports_option_to_sshd_config_port

Browse Source 
Change sshd_config_port to support multiple port numbers
This commit is contained in:
Garrett Honeycutt 2016-06-09 16:47:25 -04:00 committed by GitHub
commit 6e920cab49
4 changed files with 46 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -224,7 +224,7 @@ String or Array to specify address(es) for which sshd will bind. Corresponds to
sshd_config_port sshd_config_port
--------------------------- ---------------------------
String to specify listen port for sshd. Port option in sshd_config. String, Integer or Array to specify listen port[s] for sshd. Port option in sshd_config.
- *Default*: '22' - *Default*: '22'

17
manifests/init.pp
View File

@ -457,7 +457,22 @@ class ssh (
if $ssh_config_hash_known_hosts_real != undef { if $ssh_config_hash_known_hosts_real != undef {
validate_re($ssh_config_hash_known_hosts_real, '^(yes|no)$', "ssh::ssh_config_hash_known_hosts may be either 'yes' or 'no' and is set to <${ssh_config_hash_known_hosts_real}>.") validate_re($ssh_config_hash_known_hosts_real, '^(yes|no)$', "ssh::ssh_config_hash_known_hosts may be either 'yes' or 'no' and is set to <${ssh_config_hash_known_hosts_real}>.")
} }
validate_re($sshd_config_port, '^\d+$', "ssh::sshd_config_port must be a valid number and is set to <${sshd_config_port}>.") case type3x($sshd_config_port) {
'string': {
validate_re($sshd_config_port, '^\d+$', "ssh::sshd_config_port must be a valid number and is set to <${sshd_config_port}>.")
$sshd_config_port_array = [ str2num($sshd_config_port) ]
}
'array': {
$sshd_config_port_array = $sshd_config_port
}
'integer': {
$sshd_config_port_array = [ $sshd_config_port ]
}
default: {
fail('ssh:sshd_config_port must be a string, an integer or an array. ')
}
}
validate_numeric($sshd_config_port_array, 65535, 1)
if $sshd_kerberos_authentication != undef { if $sshd_kerberos_authentication != undef {
validate_re($sshd_kerberos_authentication, '^(yes|no)$', "ssh::sshd_kerberos_authentication may be either 'yes' or 'no' and is set to <${sshd_kerberos_authentication}>.") validate_re($sshd_kerberos_authentication, '^(yes|no)$', "ssh::sshd_kerberos_authentication may be either 'yes' or 'no' and is set to <${sshd_kerberos_authentication}>.")
} }

33
spec/classes/init_spec.rb
View File

@ -970,21 +970,40 @@ describe 'ssh' do
end end
end end
context 'with sshd_config_port not being a valid number' do describe 'sshd_config_port param' do
let :facts do let :facts do
default_facts.merge( default_facts.merge(
{ {
} }
) )
end end
let :params do
{ :sshd_config_port => '22invalid' } context 'when set to an array' do
let (:params) {{'sshd_config_port' => ['22222', '22223'] }}
it { should contain_file('sshd_config').with_content(/^Port 22222\nPort 22223$/) }
end end
it 'should fail' do context 'when set to a string' do
expect { let (:params) {{'sshd_config_port' => '22222' }}
should contain_class('ssh')
}.to raise_error(Puppet::Error,/ssh::sshd_config_port must be a valid number and is set to <22invalid>\./) it { should contain_file('sshd_config').with_content(/^Port 22222$/) }
end
context 'when set to an integer' do
let (:params) {{'sshd_config_port' => 22222 }}
it { should contain_file('sshd_config').with_content(/^Port 22222$/) }
end
context 'when not set to a valid number' do
let (:params) {{'sshd_config_port' => '22invalid' }}
it 'should fail' do
expect {
should contain_class('ssh')
}.to raise_error(Puppet::Error,/ssh::sshd_config_port must be a valid number and is set to <22invalid>\./)
end
end end
end end

4
templates/sshd_config.erb
View File

@ -14,7 +14,9 @@
# default value. # default value.
#Port 22 #Port 22
Port <%= @sshd_config_port %> <% @sshd_config_port_array.each do |p| -%>
<%= "Port #{p}" %>
<% end -%>
#Protocol 2,1 #Protocol 2,1
Protocol 2 Protocol 2
<% if @sshd_addressfamily_real != nil -%> <% if @sshd_addressfamily_real != nil -%>