confdroid/confdroid_ssh
1
0
Fork 0
Code Issues Projects Wiki Activity

Merge branch 'jenkins-build-14' into 'master'

Browse Source 
Auto-merge for build 14

See merge request puppet/confdroid_ssh!14
This commit is contained in:
Jenkins
2026-04-09 12:57:58 +00:00
parent a2a3f1c862 fbdc21d72f
commit 9d39c1b1d5
2 changed files with 27 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
doc/puppet_classes/confdroid_ssh_3A_3Afirewall_3A_3Aiptables.html
View File

@@ -120,9 +120,7 @@
22 22
23 23
24 24
25 25</pre>
26
27</pre>
</td> </td>
<td> <td>
<pre class="code"><span class="info file"># File 'manifests/firewall/iptables.pp', line 6</span> <pre class="code"><span class="info file"># File 'manifests/firewall/iptables.pp', line 6</span>
@@ -130,24 +128,22 @@
class confdroid_ssh::firewall::iptables ( class confdroid_ssh::firewall::iptables (
) inherits confdroid_ssh::params { ) inherits confdroid_ssh::params {
if $ssh_use_firewall == true { case $ssh_use_firewall {
true, &#39;true&#39;, &#39;yes&#39;, &#39;1&#39;: {
$ssh_fw_ensure = &#39;present&#39;
}
default: {
$ssh_fw_ensure = &#39;absent&#39;
}
}
firewall { &quot;${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}&quot;: firewall { &quot;${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}&quot;:
ensure =&gt; &#39;present&#39;, ensure =&gt; $ssh_fw_ensure,
proto =&gt; &#39;tcp&#39;, proto =&gt; &#39;tcp&#39;,
source =&gt; $ssh_source_range, source =&gt; $ssh_source_range,
dport =&gt; $ssh_fw_port, dport =&gt; $ssh_fw_port,
jump =&gt; &#39;accept&#39;, jump =&gt; &#39;accept&#39;,
} }
}
if $ssh_use_firewall == false {
firewall { &quot;${ssh_fw_order}${ssh_fw_port} remove SSH on port ${ssh_fw_port}&quot;:
ensure =&gt; &#39;absent&#39;,
proto =&gt; &#39;tcp&#39;,
source =&gt; $ssh_source_range,
dport =&gt; $ssh_fw_port,
jump =&gt; &#39;accept&#39;,
}
}
}</pre> }</pre>
</td> </td>
</tr> </tr>

22
manifests/firewall/iptables.pp
View File

@@ -6,22 +6,20 @@
class confdroid_ssh::firewall::iptables ( class confdroid_ssh::firewall::iptables (
) inherits confdroid_ssh::params { ) inherits confdroid_ssh::params {
if $ssh_use_firewall == true { case $ssh_use_firewall {
true, 'true', 'yes', '1': {
$ssh_fw_ensure = 'present'
}
default: {
$ssh_fw_ensure = 'absent'
}
}
firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}": firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}":
ensure => 'present', ensure => $ssh_fw_ensure,
proto => 'tcp', proto => 'tcp',
source => $ssh_source_range, source => $ssh_source_range,
dport => $ssh_fw_port, dport => $ssh_fw_port,
jump => 'accept', jump => 'accept',
} }
} }
if $ssh_use_firewall == false {
firewall { "${ssh_fw_order}${ssh_fw_port} remove SSH on port ${ssh_fw_port}":
ensure => 'absent',
proto => 'tcp',
source => $ssh_source_range,
dport => $ssh_fw_port,
jump => 'accept',
}
}
}