confdroid/confdroid_ssh
1
0
Fork 0
Code Issues Projects Wiki Activity

Compare commits

base: confdroid:3335b44713bd84e3d98c2fd4e4950ff44fa3f459
Branches Tags
confdroid:master
confdroid:1.0.1-04.2026 confdroid:1.0.0-04.2026
..
compare: confdroid:dd82a787f7a2d4b42c05796a9930e130b7c62875
Branches Tags
confdroid:master
confdroid:1.0.1-04.2026 confdroid:1.0.0-04.2026

1 Commits
3335b44713 ... dd82a787f7

Author SHA1 Message Date
Jenkins
dd82a787f7 Merge branch 'jenkins-build-13' into 'master' 
Auto-merge for build 13

See merge request puppet/confdroid_ssh!13
 2026-04-09 14:57:56 +02:00
2 changed files with 33 additions and 27 deletions
Expand all files Collapse all files

26
doc/puppet_classes/confdroid_ssh_3A_3Afirewall_3A_3Aiptables.html
View File

@@ -120,7 +120,9 @@
22 22
23 23
24 24
25</pre> 25
26
27</pre>
</td> </td>
<td> <td>
<pre class="code"><span class="info file"># File 'manifests/firewall/iptables.pp', line 6</span> <pre class="code"><span class="info file"># File 'manifests/firewall/iptables.pp', line 6</span>
@@ -128,22 +130,24 @@
class confdroid_ssh::firewall::iptables ( class confdroid_ssh::firewall::iptables (
) inherits confdroid_ssh::params { ) inherits confdroid_ssh::params {
case $ssh_use_firewall { if $ssh_use_firewall == true {
true, &#39;true&#39;, &#39;yes&#39;, &#39;1&#39;: {
$ssh_fw_ensure = &#39;present&#39;
}
default: {
$ssh_fw_ensure = &#39;absent&#39;
}
}
firewall { &quot;${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}&quot;: firewall { &quot;${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}&quot;:
ensure =&gt; $ssh_fw_ensure, ensure =&gt; &#39;present&#39;,
proto =&gt; &#39;tcp&#39;, proto =&gt; &#39;tcp&#39;,
source =&gt; $ssh_source_range, source =&gt; $ssh_source_range,
dport =&gt; $ssh_fw_port, dport =&gt; $ssh_fw_port,
jump =&gt; &#39;accept&#39;, jump =&gt; &#39;accept&#39;,
} }
}
if $ssh_use_firewall == false {
firewall { &quot;${ssh_fw_order}${ssh_fw_port} remove SSH on port ${ssh_fw_port}&quot;:
ensure =&gt; &#39;absent&#39;,
proto =&gt; &#39;tcp&#39;,
source =&gt; $ssh_source_range,
dport =&gt; $ssh_fw_port,
jump =&gt; &#39;accept&#39;,
}
}
}</pre> }</pre>
</td> </td>
</tr> </tr>

22
manifests/firewall/iptables.pp
View File

@@ -6,20 +6,22 @@
class confdroid_ssh::firewall::iptables ( class confdroid_ssh::firewall::iptables (
) inherits confdroid_ssh::params { ) inherits confdroid_ssh::params {
case $ssh_use_firewall { if $ssh_use_firewall == true {
true, 'true', 'yes', '1': {
$ssh_fw_ensure = 'present'
}
default: {
$ssh_fw_ensure = 'absent'
}
}
firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}": firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}":
ensure => $ssh_fw_ensure, ensure => 'present',
proto => 'tcp', proto => 'tcp',
source => $ssh_source_range, source => $ssh_source_range,
dport => $ssh_fw_port, dport => $ssh_fw_port,
jump => 'accept', jump => 'accept',
} }
} }
if $ssh_use_firewall == false {
firewall { "${ssh_fw_order}${ssh_fw_port} remove SSH on port ${ssh_fw_port}":
ensure => 'absent',
proto => 'tcp',
source => $ssh_source_range,
dport => $ssh_fw_port,
jump => 'accept',
}
}
}