## confdroid_ssh::custom::custom_config.pp
# Module name: confdroid_ssh
# Author: 12ww1160 (12ww1160@confdroid.com)
# @summary Class manages custom configurations for SSH
# @param [String] config_name name of the custom configuration file 
#   (without .conf extension)
# @param [Array[String]] config_content array of configuration lines to 
#   include in the custom config
# @example
#   confdroid_ssh::custom::custom_config { '50-test':
#    config_name    => '50-test',
#    config_content => ['PasswordAuthentication no'],
#  }
# this will create a file called /etc/ssh/sshd_config.d/50-test.conf with the content:
#   PasswordAuthentication no and notify the sshd service to reload the configuration
##############################################################################
define confdroid_ssh::custom::custom_config (

  String $config_name,
  Array[String] $config_content,

) {
  $sshd_custom_path  = $confdroid_ssh::params::sshd_custom_path
  $sshd_service      = $confdroid_ssh::params::sshd_service
  $custom_config_erb = 'confdroid_ssh/custom_config.erb'
  $config_basename   = regsubst($config_name, '\\.conf$', '')
  $config_file       = "${config_name}.conf"

  file { "${sshd_custom_path}/${config_file}":
    ensure   => file,
    owner    => 'root',
    group    => 'root',
    mode     => '0600',
    selrange => s0,
    selrole  => object_r,
    seltype  => etc_t,
    seluser  => system_u,
    content  => template($custom_config_erb),
    notify   => Service[$sshd_service],
  }
}