Commit a8a3004b authored by Adam Lewenberg's avatar Adam Lewenberg
Browse files

more instance variable cleanup

parent d6d037da
release/005.001 (2016-12-07)
Add "path" attributes to several exec resources. This will be required
in the next version of Puppet [adamhl].
in the next version of Puppet. [adamhl]
[puppetclient] Replace "local" variables with what is really intended:
instance variables defined in the calling manifest (or defiend as a
Puppet fact). While not strictly necessary right now, in a future
version of Puppet will stop interpreting ERB local variables as
instance variables so we might as well fix them now. [adamhl]
[puppetclient] Remove some conditional code that made sense when we
used very old versions of Puppet. [adamhl]
[ssh] More of the instance variable cleanup. [adamhl]
[syslog] More of the instance variable cleanup. [adamhl]
[xinetd] More of the instance variable cleanup. [adamhl]
release/005.000 (2016-11-21)
......
......@@ -43,7 +43,7 @@ HostKey /etc/ssh/ssh_host_ed25519_key
LoginGraceTime 300
# Prevent attackers from running long password guessing attacks.
MaxAuthTries <%= max_tries %>
MaxAuthTries <%= @max_tries %>
<% if @osfamily == 'RedHat' then -%>
# Some Red Hat systems are old enough that this has to be explicitly enabled.
......@@ -54,9 +54,9 @@ UsePrivilegeSeparation yes
# since we use GSS-API (or passwords).
IgnoreRhosts yes
RSAAuthentication no
PubkeyAuthentication <%= pubkey ? 'yes' : 'no' %>
PubkeyAuthentication <%= @pubkey ? 'yes' : 'no' %>
RhostsRSAAuthentication no
HostbasedAuthentication <%= hostbased ? 'yes' : 'no' %>
HostbasedAuthentication <%= @hostbased ? 'yes' : 'no' %>
# Allow password authentication via PAM, but not empty passwords.
ChallengeResponseAuthentication yes
......@@ -115,7 +115,7 @@ Subsystem sftp /usr/libexec/openssh/sftp-server
<% else -%>
Subsystem sftp /usr/lib/openssh/sftp-server
<% end -%>
<% if gitolite then -%>
<% if @gitolite then -%>
# gitolite user should run through a wrapper to map it to actual user.
Match User gitolite
......
......@@ -42,7 +42,7 @@ $KLogPermitNonKernelFacility on
$SystemLogRateLimitInterval 0
<% end -%>
<% unless use_syslog_conf == 'false' || !use_syslog_conf -%>
<% unless @use_syslog_conf == 'false' || !@use_syslog_conf -%>
# Include the syslog rules first so they can be overriden by rsyslog.d.
$IncludeConfig /etc/syslog.conf
......
# Managed by Puppet via xinetd::config class
# default: on
# description: <%= description %>
service <%= service %>
# description: <%= @description %>
service <%= @service %>
{
disable = no
<% if name != service then -%>
id = <%= name %>
<% if @name != @service then -%>
id = <%= @name %>
<% end -%>
<% if server_type != '' then -%>
type = <%= server_type %>
<% if @server_type != '' then -%>
type = <%= @server_type %>
<% end -%>
<% if protocol != '' then -%>
protocol = <%= protocol %>
<% if @protocol != '' then -%>
protocol = <%= @protocol %>
<% end -%>
<% if port != '' then -%>
port = <%= port %>
<% if @port != '' then -%>
port = <%= @port %>
<% end -%>
<% if protocol == 'udp' then -%>
<% if @protocol == 'udp' then -%>
socket_type = dgram
wait = yes
<% else -%>
socket_type = stream
wait = no
<% end -%>
<% if flags != '' then -%>
flags = <%= flags %>
<% if @flags != '' then -%>
flags = <%= @flags %>
<% end -%>
user = <%= user %>
group = <%= group %>
<% if server_type !~ /INTERNAL/ then -%>
server = <%= server %>
<% if server_args != '' then -%>
server_args = <%= server_args %>
user = <%= @user %>
group = <%= @group %>
<% if @server_type !~ /INTERNAL/ then -%>
server = <%= @server %>
<% if @server_args != '' then -%>
server_args = <%= @server_args %>
<% end -%>
libwrap = <%= server[/[^\/]+$/] %>
<%- libwrap = @server[/[^\/]+$/] -%>
libwrap = <%= libwrap %>
<% end -%>
<% if cps != '' then -%>
cps = <%= cps %>
<% if @cps != '' then -%>
cps = <%= @cps %>
<% end -%>
<% if per_source != '' then -%>
per_source = <%= per_source %>
<% if @per_source != '' then -%>
per_source = <%= @per_source %>
<% end -%>
<% if instances != '' then -%>
instances = <%= instances %>
<% if @instances != '' then -%>
instances = <%= @instances %>
<% end -%>
<% if env != '' then -%>
env = <%= env %>
<% if @env != '' then -%>
env = <%= @env %>
<% end -%>
<% if log_type != 'NONE' then
if (server_type !~ /INTERNAL/) and (protocol != 'udp') then
if log_type != '' then -%>
log_type = SYSLOG <%= log_type %>
<% if @log_type != 'NONE' then
if (@server_type !~ /INTERNAL/) and (@protocol != 'udp') then
if @log_type != '' then -%>
log_type = SYSLOG <%= @log_type %>
<% else -%>
log_type = SYSLOG daemon
<% end -%>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment