confdroid/confdroid_ssh
1
0
Fork 0
Code Issues Projects Wiki Activity
Files
58596bf8b39ae78e6c0ba201eebbf3c10f21749e
confdroid_ssh/doc/puppet_classes/confdroid_ssh_3A_3Aparams.html

716 lines
17 KiB
HTML
Raw Normal View History

Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Puppet Class: confdroid_ssh::params
&mdash; Documentation by YARD 0.9.36
</title>
<link rel="stylesheet" href="../css/style.css" type="text/css" />
<link rel="stylesheet" href="../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "puppet_classes::confdroid_ssh::params";
relpath = '../';
</script>
<script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../puppet_class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../_index.html">Index (c)</a> &raquo;
<span class='title'><span class='object_link'>Puppet Classes</span></span>
&raquo;
<span class="title">confdroid_ssh::params</span>
</div>
<div id="search">
<a class="full_list_link" id="puppet_class_list_link"
href="../puppet_class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Puppet Class: confdroid_ssh::params</h1>
<div class="box_info">
<dl>
<dt>Inherited by:</dt>
<dd>
<span class='object_link'><a href="confdroid_ssh_3A_3Amain_3A_3Adirs.html" title="puppet_classes::confdroid_ssh::main::dirs (puppet_class)">confdroid_ssh::main::dirs</a></span><br/>
<span class='object_link'><a href="confdroid_ssh_3A_3Amain_3A_3Afiles.html" title="puppet_classes::confdroid_ssh::main::files (puppet_class)">confdroid_ssh::main::files</a></span><br/>
<span class='object_link'><a href="confdroid_ssh_3A_3Amain_3A_3Aconfig.html" title="puppet_classes::confdroid_ssh::main::config (puppet_class)">confdroid_ssh::main::config</a></span><br/>
<span class='object_link'><a href="confdroid_ssh_3A_3Amain_3A_3Ainstall.html" title="puppet_classes::confdroid_ssh::main::install (puppet_class)">confdroid_ssh::main::install</a></span><br/>
<span class='object_link'><a href="confdroid_ssh_3A_3Amain_3A_3Aservice.html" title="puppet_classes::confdroid_ssh::main::service (puppet_class)">confdroid_ssh::main::service</a></span><br/>
<span class='object_link'><a href="confdroid_ssh_3A_3Aselinux_3A_3Asemanage.html" title="puppet_classes::confdroid_ssh::selinux::semanage (puppet_class)">confdroid_ssh::selinux::semanage</a></span><br/>
Recommit for updates in build 10
2026-04-09 14:16:15 +02:00
<span class='object_link'><a href="confdroid_ssh_3A_3Afirewall_3A_3Aiptables.html" title="puppet_classes::confdroid_ssh::firewall::iptables (puppet_class)">confdroid_ssh::firewall::iptables</a></span><br/>
Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
</dd>
</dl>
<dl>
<dt>Defined in:</dt>
<dd>
manifests/params.pp
</dd>
</dl>
</div>
<h2>Summary</h2>
Class contains all class parameters for confdroid_ssh
<h2>Overview</h2>
<div class="docstring">
<div class="discussion">
<p>confdroid_ssh::params.pp Module name: confdroid_ssh Author: 12ww1160 (12ww1160@confdroid.com)</p>
</div>
</div>
<div class="tags">
<p class="tag_title">Parameters:</p>
<ul class="param">
<li>
<span class='name'>ssh_reqpackages</span>
<span class='type'>(<tt>Array</tt>)</span>
<em class="default">(defaults to: <tt>[&#39;openssh&#39;,&#39;openssh-clients&#39;,&#39;openssh-server&#39;]</tt>)</em>
&mdash;
<div class='inline'>
<p>packages to install</p>
</div>
</li>
<li>
<span class='name'>pkg_ensure</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;present&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>version to install: present or latest</p>
</div>
</li>
<li>
Recommit for updates in build 16
2026-04-09 15:07:46 +02:00
<span class='name'>ssh_fw_rule</span>
Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
Recommit for updates in build 15
2026-04-09 15:01:50 +02:00
<span class='type'>(<tt>String</tt>)</span>
Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
Recommit for updates in build 15
2026-04-09 15:01:50 +02:00
<em class="default">(defaults to: <tt>&#39;present&#39;</tt>)</em>
Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
&mdash;
<div class='inline'>
Recommit for updates in build 15
2026-04-09 15:01:50 +02:00
<p>whether set the fw rule to present or absent.</p>
Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
</div>
</li>
<li>
<span class='name'>ssh_fw_port</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;22&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>port to use for SSHD and in fw</p>
</div>
</li>
<li>
<span class='name'>ssh_fw_order</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;50&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>order of firewall rule</p>
</div>
</li>
<li>
<span class='name'>ssh_source_range</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;0.0.0.0/0&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>source range for firewall rule</p>
</div>
</li>
<li>
<span class='name'>ssh_manage_config</span>
<span class='type'>(<tt>Boolean</tt>)</span>
<em class="default">(defaults to: <tt>true</tt>)</em>
&mdash;
<div class='inline'>
<p>whether to manage the configuration</p>
</div>
</li>
<li>
<span class='name'>ssh_address_family</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;any&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>AddressFamily setting for sshd_config</p>
</div>
</li>
<li>
<span class='name'>ssh_listen_address</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;0.0.0.0&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>ListenAddress setting for sshd_config</p>
</div>
</li>
<li>
<span class='name'>ssh_root_login</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;prohibit-password&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>PermitRootLogin setting for sshd_config</p>
</div>
</li>
<li>
<span class='name'>ssh_strict_modes</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;yes&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>StrictModes setting for sshd_config</p>
</div>
</li>
<li>
<span class='name'>ssh_max_auth_tries</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;6&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>MaxAuthTries setting for sshd_config</p>
</div>
</li>
<li>
<span class='name'>ssh_max_sessions</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;10&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>MaxSessions setting for sshd_config</p>
Recommit for updates in build 17
2026-04-13 12:57:58 +02:00
</div>
</li>
<li>
<span class='name'>ssh_pubkey_auth</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;yes&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>PubkeyAuthentication setting for sshd_config</p>
</div>
</li>
<li>
<span class='name'>ssh_auth_key_files</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;.ssh/authorized_keys&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>AuthorizedKeysFile setting for sshd_config</p>
</div>
</li>
<li>
<span class='name'>ssh_authorized_principals_file</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;none&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>AuthorizedPrincipalsFile setting for sshd_config. Default is none to disable this setting.</p>
</div>
</li>
<li>
<span class='name'>ssh_authorized_keys_command</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;none&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>AuthorizedKeysCommand setting for sshd_config. Default is none to disable this setting.</p>
</div>
</li>
<li>
<span class='name'>ssh_authorized_keys_command_user</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;nobody&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>AuthorizedKeysCommandUser setting for sshd_config. Default is nobody to use an unpriviledged user.</p>
</div>
</li>
<li>
<span class='name'>ssh_use_specific_hostkey</span>
<span class='type'>(<tt>Boolean</tt>)</span>
<em class="default">(defaults to: <tt>false</tt>)</em>
&mdash;
<div class='inline'>
<p>whether to use a specific host key</p>
</div>
</li>
<li>
<span class='name'>ssh_hostkey_type</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;rsa&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>type of host key to use if ssh_use_specific_hostkey is true</p>
Recommit for updates in build 18
2026-04-13 13:10:40 +02:00
</div>
</li>
<li>
<span class='name'>ssh_rekeylimit</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;default none&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>RekeyLimit setting for sshd_config. Default is default none.</p>
</div>
</li>
<li>
<span class='name'>ssh_syslog_facility</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;AUTH&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>SyslogFacility setting for sshd_config. Default is AUTH.</p>
</div>
</li>
<li>
<span class='name'>ssh_log_level</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;INFO&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>LogLevel setting for sshd_config. Default is INFO.</p>
Recommit for updates in build 21
2026-04-13 14:21:20 +02:00
</div>
</li>
<li>
<span class='name'>ssh_password_authentication</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;no&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>PasswordAuthentication setting for sshd_config. Default is no, which requires key-based authentication. This is a recommended security setting, so passwords do not show up in logs, but can be set to yes if password authentication is desired.</p>
</div>
</li>
<li>
<span class='name'>ssh_permit_empty_passwords</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;no&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>PermitEmptyPasswords setting for sshd_config. Default is no, which is a recommended security setting and works in connection with key-based authentication, but can be set to yes if password authentication should be allowed and empty passwords should be allowed. Again, this should be used with caution if enabled.</p>
</div>
</li>
<li>
<span class='name'>ssh_kbd_interactive_auth</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;no&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>setting for sshd_config. Default is no, which is a recommended security setting together with password authentication, but can be set to yes if keyboard-interactive authentication should be allowed. (not recommended)</p>
Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
</div>
</li>
</ul>
</div><div class="method_details_list">
<table class="source_code">
<tr>
<td>
<pre class="lines">
50
51
52
53
54
55
56
57
58
Recommit for updates in build 15
2026-04-09 15:01:50 +02:00
59
Recommit for updates in build 17
2026-04-13 12:57:58 +02:00
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
Recommit for updates in build 18
2026-04-13 13:10:40 +02:00
78
79
80
81
82
83
84
85
86
Recommit for updates in build 21
2026-04-13 14:21:20 +02:00
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103</pre>
Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
</td>
<td>
Recommit for updates in build 21
2026-04-13 14:21:20 +02:00
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 50</span>
Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
class confdroid_ssh::params (
Recommit for updates in build 17
2026-04-13 12:57:58 +02:00
Array $ssh_reqpackages = [&#39;openssh&#39;,&#39;openssh-clients&#39;,&#39;openssh-server&#39;],
String $pkg_ensure = &#39;present&#39;,
Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
# firewall settings
Recommit for updates in build 17
2026-04-13 12:57:58 +02:00
String $ssh_fw_rule = &#39;present&#39;,
String $ssh_fw_port = &#39;22&#39;,
String $ssh_fw_order = &#39;50&#39;,
String $ssh_source_range = &#39;0.0.0.0/0&#39;,
Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
Recommit for updates in build 17
2026-04-13 12:57:58 +02:00
# sshd configuration
Boolean $ssh_manage_config = true,
String $ssh_address_family = &#39;any&#39;,
String $ssh_listen_address = &#39;0.0.0.0&#39;,
String $ssh_root_login = &#39;prohibit-password&#39;,
String $ssh_strict_modes = &#39;yes&#39;,
String $ssh_max_auth_tries = &#39;6&#39;,
String $ssh_max_sessions = &#39;10&#39;,
String $ssh_pubkey_auth = &#39;yes&#39;,
String $ssh_auth_key_files = &#39;.ssh/authorized_keys&#39;,
String $ssh_authorized_principals_file = &#39;none&#39;,
String $ssh_authorized_keys_command = &#39;none&#39;,
String $ssh_authorized_keys_command_user = &#39;nobody&#39;,
Boolean $ssh_use_specific_hostkey = false,
String $ssh_hostkey_type = &#39;rsa&#39;,
Recommit for updates in build 18
2026-04-13 13:10:40 +02:00
String $ssh_rekeylimit = &#39;default none&#39;,
String $ssh_syslog_facility = &#39;AUTH&#39;,
Recommit for updates in build 21
2026-04-13 14:21:20 +02:00
String $ssh_log_level = &#39;INFO&#39;,
String $ssh_password_authentication = &#39;no&#39;,
String $ssh_permit_empty_passwords = &#39;no&#39;,
String $ssh_kbd_interactive_auth = &#39;no&#39;
Recommit for updates in build 8
2026-04-09 13:47:28 +02:00
) {
# default facts
$fqdn = $facts[&#39;networking&#39;][&#39;fqdn&#39;]
$hostname = $facts[&#39;networking&#39;][&#39;hostname&#39;]
$domain = $facts[&#39;networking&#39;][&#39;domain&#39;]
$os_name = $facts[&#39;os&#39;][&#39;name&#39;]
$os_release = $facts[&#39;os&#39;][&#39;release&#39;][&#39;major&#39;]
$sshd_user = &#39;root&#39;
$ssh_etc_path = &#39;/etc/ssh&#39;
$sshd_service = &#39;sshd&#39;
$sshd_config_path = &quot;${ssh_etc_path}/sshd_config&quot;
$sshd_custom_path = &quot;${ssh_etc_path}/sshd_config.d&quot;
$sshd_custom_conf = &quot;${sshd_custom_path}/10-custom.conf&quot;
$sshd_custom_erb = &#39;confdroid_ssh/sshd_custom_conf.erb&#39;
$sshd_config_erb = &#39;confdroid_ssh/sshd_config.erb&#39;
$sshd_root_login_file = &quot;${sshd_custom_path}/01-permitrootlogin.conf&quot;
# includes must be last
include confdroid_ssh::main::config
}</pre>
</td>
</tr>
</table>
</div>
</div>
<div id="footer">
Generated by <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>.
</div>
</div>
</body>
</html>
Reference in New Issue Copy Permalink