Merge pull request #34 from ghoneycutt/specify_port

Specify port

README.md

@@ -10,6 +10,7 @@ The module uses exported resources to manage ssh keys and removes ssh keys that
 
 This module has been tested to work on the following systems with Puppet v3.
 
+ * Debian 7
  * EL 5
  * EL 6
  * SLES 11
@@ -91,6 +92,12 @@ sshd_config's mode.
 
 - *Default*: '0600'
 
+sshd_config_port
+---------------------------
+String to specify listen port for sshd. Port option in sshd_config.
+
+- *Default*: 22
+
 sshd_config_syslog_facility
 ---------------------------
 SyslogFacility option in sshd_config.

manifests/init.pp

@@ -19,6 +19,7 @@ class ssh (
   $sshd_config_owner                = 'root',
   $sshd_config_group                = 'root',
   $sshd_config_mode                 = '0600',
+  $sshd_config_port                 = '22',
   $sshd_config_syslog_facility      = 'AUTH',
   $sshd_config_login_grace_time     = '120',
   $sshd_config_challenge_resp_auth  = 'no',
@@ -45,6 +46,7 @@ class ssh (
 ) {
 
   # validate params
+  validate_re($sshd_config_port, '^\d+$', "sshd_config_port must be a valid number and is set to <${sshd_config_port}>")
   validate_re($sshd_password_authentication, '^(yes|no)$', "sshd_password_authentication may be either 'yes' or 'no' and is set to <${sshd_password_authentication}>.")
   validate_re($sshd_allow_tcp_forwarding, '^(yes|no)$', "sshd_allow_tcp_forwarding may be either 'yes' or 'no' and is set to <${sshd_allow_tcp_forwarding}>.")
   validate_re($sshd_x11_forwarding, '^(yes|no)$', "sshd_x11_forwarding may be either 'yes' or 'no' and is set to <${sshd_x11_forwarding}>.")
@@ -116,17 +118,10 @@ class ssh (
       }
     }
     'Debian': {
-      case $::operatingsystem {
+      $default_packages                   = [ 'openssh-server',
-        'Ubuntu': {
+                                              'openssh-client']
-          $default_packages                   = [ 'openssh-server',
+      $default_sshd_config_subsystem_sftp = '/usr/lib/openssh/sftp-server'
-                                                  'openssh-client']
+      $default_service_name               = 'ssh'
-          $default_sshd_config_subsystem_sftp = '/usr/lib/openssh/sftp-server'
-          $default_service_name               = 'ssh'
-        }
-        default: {
-          fail("ssh supports Debian variant Ubuntu. Your osfamily is <${::osfamily}> and operatingsystem is <${::operatingsystem}>.")
-        }
-      }
     }
     default: {
       fail("ssh supports osfamilies RedHat, Suse and Debian. Detected osfamily is <${::osfamily}>.")

spec/classes/init_spec.rb

@@ -49,6 +49,7 @@ describe 'ssh' do
       })
     }
 
+    it { should contain_file('sshd_config').with_content(/^Port 22$/) }
     it { should contain_file('sshd_config').with_content(/^SyslogFacility AUTH$/) }
     it { should contain_file('sshd_config').with_content(/^LoginGraceTime 120$/) }
     it { should contain_file('sshd_config').with_content(/^PermitRootLogin yes$/) }
@@ -82,29 +83,11 @@ describe 'ssh' do
     }
   end
 
-  context 'with default params on osfamily Debian operatingsystem Debian' do
+  context 'with default params on osfamily Debian' do
     let :facts do
       {
         :fqdn            => 'monkey.example.com',
         :osfamily        => 'Debian',
-        :operatingsystem => 'Debian',
-        :sshrsakey       => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
-      }
-    end
-
-    it 'should fail' do
-      expect {
-        should include_class('ssh')
-      }.to raise_error(Puppet::Error,/ssh supports Debian variant Ubuntu. Your osfamily is <Debian> and operatingsystem is <Debian>./)
-    end
-  end
-
-  context 'with default params on osfamily Debian operatingsystem Ubuntu' do
-    let :facts do
-      {
-        :fqdn            => 'monkey.example.com',
-        :osfamily        => 'Debian',
-        :operatingsystem => 'Ubuntu',
         :sshrsakey       => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
       }
     end
@@ -148,6 +131,7 @@ describe 'ssh' do
       })
     }
 
+    it { should contain_file('sshd_config').with_content(/^Port 22$/) }
     it { should contain_file('sshd_config').with_content(/^SyslogFacility AUTH$/) }
     it { should contain_file('sshd_config').with_content(/^LoginGraceTime 120$/) }
     it { should contain_file('sshd_config').with_content(/^PermitRootLogin yes$/) }
@@ -230,6 +214,7 @@ describe 'ssh' do
       })
     }
 
+    it { should contain_file('sshd_config').with_content(/^Port 22$/) }
     it { should contain_file('sshd_config').with_content(/^SyslogFacility AUTH$/) }
     it { should contain_file('sshd_config').with_content(/^LoginGraceTime 120$/) }
     it { should contain_file('sshd_config').with_content(/^PermitRootLogin yes$/) }
@@ -312,6 +297,7 @@ describe 'ssh' do
       })
     }
 
+    it { should contain_file('sshd_config').with_content(/^Port 22$/) }
     it { should contain_file('sshd_config').with_content(/^SyslogFacility AUTH$/) }
     it { should contain_file('sshd_config').with_content(/^LoginGraceTime 120$/) }
     it { should contain_file('sshd_config').with_content(/^PermitRootLogin yes$/) }
@@ -345,7 +331,27 @@ describe 'ssh' do
     }
   end
 
-  context 'with optional params used in ssh_config set on osfamily RedHat' do
+  context 'with default params on invalid osfamily' do
+    let :facts do
+      {
+        :fqdn      => 'monkey.example.com',
+        :osfamily  => 'C64',
+        :root_home => '/root',
+        :sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
+      }
+    end
+    let :params do
+      { :manage_root_ssh_config => 'invalid' }
+    end
+
+    it 'should fail' do
+      expect {
+        should include_class('ssh')
+      }.to raise_error(Puppet::Error,/ssh supports osfamilies RedHat, Suse and Debian. Detected osfamily is <C64>./)
+    end
+  end
+
+  context 'with optional params used in ssh_config set on valid osfamily' do
     let :facts do
       {
         :fqdn      => 'monkey.example.com',
@@ -381,7 +387,7 @@ describe 'ssh' do
     it { should contain_file('ssh_config').with_content(/^  SendEnv XMODIFIERS$/) }
   end
 
-  context 'with params used in sshd_config set on osfamily RedHat' do
+  context 'with params used in sshd_config set on valid osfamily' do
     let :facts do
       {
         :fqdn      => 'monkey.example.com',
@@ -391,6 +397,7 @@ describe 'ssh' do
     end
     let :params do
       {
+        :sshd_config_port                => '22222',
         :sshd_config_syslog_facility     => 'DAEMON',
         :sshd_config_login_grace_time    => '60',
         :permit_root_login               => 'no',
@@ -419,6 +426,7 @@ describe 'ssh' do
       })
     }
 
+    it { should contain_file('sshd_config').with_content(/^Port 22222$/) }
     it { should contain_file('sshd_config').with_content(/^SyslogFacility DAEMON$/) }
     it { should contain_file('sshd_config').with_content(/^LoginGraceTime 60$/) }
     it { should contain_file('sshd_config').with_content(/^PermitRootLogin no$/) }
@@ -474,6 +482,25 @@ describe 'ssh' do
     }
   end
 
+  context 'with sshd_config_port not being a valid number' do
+    let :facts do
+      {
+        :fqdn      => 'monkey.example.com',
+        :osfamily  => 'RedHat',
+        :sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
+      }
+    end
+    let :params do
+      { :sshd_config_port => '22invalid' }
+    end
+
+    it 'should fail' do
+      expect {
+        should include_class('ssh')
+      }.to raise_error(Puppet::Error,/sshd_config_port must be a valid number and is set to <22invalid>./)
+    end
+  end
+
   context 'with manage_root_ssh_config set to invalid value on valid osfamily' do
     let :facts do
       {
@@ -608,7 +635,7 @@ describe 'ssh' do
     end
   end
 
-  context 'with ssh_config_sendenv_xmodifiers set to stringified true' do
+  context 'with ssh_config_sendenv_xmodifiers set to stringified \'true\'' do
     let :facts do
       {
         :fqdn      => 'monkey.example.com',

templates/sshd_config.erb

@@ -14,6 +14,7 @@
 # default value.
 
 #Port 22
+Port <%= @sshd_config_port %>
 #Protocol 2,1
 Protocol 2
 #AddressFamily any