sshd.pp

# Create the sshd configuration.

# listen_addresses: If you want to restrict the ssh service to listen only at
# certain addresses, specify with this parameter. Enter them as a
# comma-delimited list.
#
# Examples:
# listen_addresses => '192.168.1.1,192.168.2.1'
# listen_addresses => '192.168.1.1:22,192.168.2.1'
#
# See the sshd_config man page for what constitutes valid entries.
#
# If list_addresses is omitted, then the ListenAddress directive will be
# omitted from the sshd configuration file (which is equivalent to having
# sshd listen at _all_ addresses).


define base::ssh::config::sshd(
  $ensure           = 'present',
  $gitolite         = false,
  $hostbased        = false,
  $pubkey           = false,
  $source           = undef,
  $max_tries        = 5,
  $listen_addresses = 'all',
) {
  if $source {
    $template = undef
  } else {
    $template = template('base/ssh/sshd_config.erb')
  }
  file { $name:
    ensure  => $ensure,
    source  => $source,
    content => $template,
    notify  => Service['ssh'],
  }
}