Maintenance: GitLab GKE platform upgrade and software upgrade on Friday Oct. 22 at 9 p.m. Service may not be available between 9 p.m. and 9:20 p.m.

Commit a8a3004b authored by Adam Lewenberg's avatar Adam Lewenberg
Browse files

more instance variable cleanup

parent d6d037da
release/005.001 (2016-12-07) release/005.001 (2016-12-07)
Add "path" attributes to several exec resources. This will be required Add "path" attributes to several exec resources. This will be required
in the next version of Puppet [adamhl]. in the next version of Puppet. [adamhl]
[puppetclient] Replace "local" variables with what is really intended:
instance variables defined in the calling manifest (or defiend as a
Puppet fact). While not strictly necessary right now, in a future
version of Puppet will stop interpreting ERB local variables as
instance variables so we might as well fix them now. [adamhl]
[puppetclient] Remove some conditional code that made sense when we
used very old versions of Puppet. [adamhl]
[ssh] More of the instance variable cleanup. [adamhl]
[syslog] More of the instance variable cleanup. [adamhl]
[xinetd] More of the instance variable cleanup. [adamhl]
release/005.000 (2016-11-21) release/005.000 (2016-11-21)
......
...@@ -43,7 +43,7 @@ HostKey /etc/ssh/ssh_host_ed25519_key ...@@ -43,7 +43,7 @@ HostKey /etc/ssh/ssh_host_ed25519_key
LoginGraceTime 300 LoginGraceTime 300
# Prevent attackers from running long password guessing attacks. # Prevent attackers from running long password guessing attacks.
MaxAuthTries <%= max_tries %> MaxAuthTries <%= @max_tries %>
<% if @osfamily == 'RedHat' then -%> <% if @osfamily == 'RedHat' then -%>
# Some Red Hat systems are old enough that this has to be explicitly enabled. # Some Red Hat systems are old enough that this has to be explicitly enabled.
...@@ -54,9 +54,9 @@ UsePrivilegeSeparation yes ...@@ -54,9 +54,9 @@ UsePrivilegeSeparation yes
# since we use GSS-API (or passwords). # since we use GSS-API (or passwords).
IgnoreRhosts yes IgnoreRhosts yes
RSAAuthentication no RSAAuthentication no
PubkeyAuthentication <%= pubkey ? 'yes' : 'no' %> PubkeyAuthentication <%= @pubkey ? 'yes' : 'no' %>
RhostsRSAAuthentication no RhostsRSAAuthentication no
HostbasedAuthentication <%= hostbased ? 'yes' : 'no' %> HostbasedAuthentication <%= @hostbased ? 'yes' : 'no' %>
# Allow password authentication via PAM, but not empty passwords. # Allow password authentication via PAM, but not empty passwords.
ChallengeResponseAuthentication yes ChallengeResponseAuthentication yes
...@@ -115,7 +115,7 @@ Subsystem sftp /usr/libexec/openssh/sftp-server ...@@ -115,7 +115,7 @@ Subsystem sftp /usr/libexec/openssh/sftp-server
<% else -%> <% else -%>
Subsystem sftp /usr/lib/openssh/sftp-server Subsystem sftp /usr/lib/openssh/sftp-server
<% end -%> <% end -%>
<% if gitolite then -%> <% if @gitolite then -%>
# gitolite user should run through a wrapper to map it to actual user. # gitolite user should run through a wrapper to map it to actual user.
Match User gitolite Match User gitolite
......
...@@ -42,7 +42,7 @@ $KLogPermitNonKernelFacility on ...@@ -42,7 +42,7 @@ $KLogPermitNonKernelFacility on
$SystemLogRateLimitInterval 0 $SystemLogRateLimitInterval 0
<% end -%> <% end -%>
<% unless use_syslog_conf == 'false' || !use_syslog_conf -%> <% unless @use_syslog_conf == 'false' || !@use_syslog_conf -%>
# Include the syslog rules first so they can be overriden by rsyslog.d. # Include the syslog rules first so they can be overriden by rsyslog.d.
$IncludeConfig /etc/syslog.conf $IncludeConfig /etc/syslog.conf
......
# Managed by Puppet via xinetd::config class # Managed by Puppet via xinetd::config class
# default: on # default: on
# description: <%= description %> # description: <%= @description %>
service <%= service %> service <%= @service %>
{ {
disable = no disable = no
<% if name != service then -%> <% if @name != @service then -%>
id = <%= name %> id = <%= @name %>
<% end -%> <% end -%>
<% if server_type != '' then -%> <% if @server_type != '' then -%>
type = <%= server_type %> type = <%= @server_type %>
<% end -%> <% end -%>
<% if protocol != '' then -%> <% if @protocol != '' then -%>
protocol = <%= protocol %> protocol = <%= @protocol %>
<% end -%> <% end -%>
<% if port != '' then -%> <% if @port != '' then -%>
port = <%= port %> port = <%= @port %>
<% end -%> <% end -%>
<% if protocol == 'udp' then -%> <% if @protocol == 'udp' then -%>
socket_type = dgram socket_type = dgram
wait = yes wait = yes
<% else -%> <% else -%>
socket_type = stream socket_type = stream
wait = no wait = no
<% end -%> <% end -%>
<% if flags != '' then -%> <% if @flags != '' then -%>
flags = <%= flags %> flags = <%= @flags %>
<% end -%> <% end -%>
user = <%= user %> user = <%= @user %>
group = <%= group %> group = <%= @group %>
<% if server_type !~ /INTERNAL/ then -%> <% if @server_type !~ /INTERNAL/ then -%>
server = <%= server %> server = <%= @server %>
<% if server_args != '' then -%> <% if @server_args != '' then -%>
server_args = <%= server_args %> server_args = <%= @server_args %>
<% end -%> <% end -%>
libwrap = <%= server[/[^\/]+$/] %> <%- libwrap = @server[/[^\/]+$/] -%>
libwrap = <%= libwrap %>
<% end -%> <% end -%>
<% if cps != '' then -%> <% if @cps != '' then -%>
cps = <%= cps %> cps = <%= @cps %>
<% end -%> <% end -%>
<% if per_source != '' then -%> <% if @per_source != '' then -%>
per_source = <%= per_source %> per_source = <%= @per_source %>
<% end -%> <% end -%>
<% if instances != '' then -%> <% if @instances != '' then -%>
instances = <%= instances %> instances = <%= @instances %>
<% end -%> <% end -%>
<% if env != '' then -%> <% if @env != '' then -%>
env = <%= env %> env = <%= @env %>
<% end -%> <% end -%>
<% if log_type != 'NONE' then <% if @log_type != 'NONE' then
if (server_type !~ /INTERNAL/) and (protocol != 'udp') then if (@server_type !~ /INTERNAL/) and (@protocol != 'udp') then
if log_type != '' then -%> if @log_type != '' then -%>
log_type = SYSLOG <%= log_type %> log_type = SYSLOG <%= @log_type %>
<% else -%> <% else -%>
log_type = SYSLOG daemon log_type = SYSLOG daemon
<% end -%> <% end -%>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment