## confdroid_ssh::main::files.pp
# Module name: confdroid_ssh
# Author: 12ww1160 (12ww1160@confdroid.com)
# @summary Class manages files
##############################################################################
class confdroid_ssh::main::files (
) inherits confdroid_ssh::params {
  require confdroid_ssh::main::dirs

  file { $sshd_config_path:
    ensure   => file,
    path     => $sshd_config_path,
    owner    => $sshd_user,
    group    => $sshd_user,
    mode     => '0640',
    selrange => s0,
    selrole  => object_r,
    seltype  => etc_t,
    seluser  => system_u,
    content  => template($sshd_config_erb),
    notify   => Service[$sshd_service],
  }

  if $ssh_manage_config {
    file { $sshd_custom_conf:
      ensure   => $ssh_custom_ensure,
      path     => $sshd_custom_conf,
      owner    => $sshd_user,
      group    => $sshd_user,
      mode     => '0640',
      selrange => s0,
      selrole  => object_r,
      seltype  => etc_t,
      seluser  => system_u,
      content  => template($sshd_custom_erb),
      notify   => Service[$sshd_service],
    }
    # we want the default root login setting to be managed by the custom conf, 
    # so we remove the default file if it exists
    file { $sshd_root_login_file:
      ensure => absent,
      path   => $sshd_root_login_file,
      notify => Service[$sshd_service],
    }
  }
}