confdroid/confdroid_ssh
1
0
Fork 0
Code Issues Projects Wiki Activity

Compare commits

base: confdroid:3335b44713bd84e3d98c2fd4e4950ff44fa3f459
Branches Tags
confdroid:master
confdroid:1.0.1-04.2026 confdroid:1.0.0-04.2026
..
compare: confdroid:dd82a787f7a2d4b42c05796a9930e130b7c62875
Branches Tags
confdroid:master
confdroid:1.0.1-04.2026 confdroid:1.0.0-04.2026

1 Commits
3335b44713 ... dd82a787f7

Author SHA1 Message Date
Jenkins
dd82a787f7 Merge branch 'jenkins-build-13' into 'master' 
Auto-merge for build 13

See merge request puppet/confdroid_ssh!13
 2026-04-09 14:57:56 +02:00
2 changed files with 33 additions and 27 deletions
Expand all files Collapse all files

32
doc/puppet_classes/confdroid_ssh_3A_3Afirewall_3A_3Aiptables.html
View File

@@ -120,7 +120,9 @@
22
23
24
25</pre>
25
26
27</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/firewall/iptables.pp', line 6</span>
@@ -128,21 +130,23 @@
class confdroid_ssh::firewall::iptables (
) inherits confdroid_ssh::params {
case $ssh_use_firewall {
true, &#39;true&#39;, &#39;yes&#39;, &#39;1&#39;: {
$ssh_fw_ensure = &#39;present&#39;
}
default: {
$ssh_fw_ensure = &#39;absent&#39;
if $ssh_use_firewall == true {
firewall { &quot;${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}&quot;:
ensure =&gt; &#39;present&#39;,
proto =&gt; &#39;tcp&#39;,
source =&gt; $ssh_source_range,
dport =&gt; $ssh_fw_port,
jump =&gt; &#39;accept&#39;,
}
}
firewall { &quot;${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}&quot;:
ensure =&gt; $ssh_fw_ensure,
proto =&gt; &#39;tcp&#39;,
source =&gt; $ssh_source_range,
dport =&gt; $ssh_fw_port,
jump =&gt; &#39;accept&#39;,
if $ssh_use_firewall == false {
firewall { &quot;${ssh_fw_order}${ssh_fw_port} remove SSH on port ${ssh_fw_port}&quot;:
ensure =&gt; &#39;absent&#39;,
proto =&gt; &#39;tcp&#39;,
source =&gt; $ssh_source_range,
dport =&gt; $ssh_fw_port,
jump =&gt; &#39;accept&#39;,
}
}
}</pre>
</td>

28
manifests/firewall/iptables.pp
View File

@@ -6,20 +6,22 @@
class confdroid_ssh::firewall::iptables (
) inherits confdroid_ssh::params {
case $ssh_use_firewall {
true, 'true', 'yes', '1': {
$ssh_fw_ensure = 'present'
}
default: {
$ssh_fw_ensure = 'absent'
if $ssh_use_firewall == true {
firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}":
ensure => 'present',
proto => 'tcp',
source => $ssh_source_range,
dport => $ssh_fw_port,
jump => 'accept',
}
}
firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}":
ensure => $ssh_fw_ensure,
proto => 'tcp',
source => $ssh_source_range,
dport => $ssh_fw_port,
jump => 'accept',
if $ssh_use_firewall == false {
firewall { "${ssh_fw_order}${ssh_fw_port} remove SSH on port ${ssh_fw_port}":
ensure => 'absent',
proto => 'tcp',
source => $ssh_source_range,
dport => $ssh_fw_port,
jump => 'accept',
}
}
}