From 0c0f93a50fd3e1fb6137ee2d5058c0f0d9ee4333 Mon Sep 17 00:00:00 2001
From: Bill MacAllister <whm@stanford.edu>
Date: Thu, 12 Mar 2015 17:13:29 -0700
Subject: [PATCH] ssh: Modify sshd define to support content

It was possible to override the sshd_config file only with a complete
file.  This change allows the sshd_config file to be specified as a
template.
---
 NEWS                         | 9 +++++++--
 manifests/ssh/config/sshd.pp | 7 ++++++-
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/NEWS b/NEWS
index dce936e..89250c1 100644
--- a/NEWS
+++ b/NEWS
@@ -1,9 +1,14 @@
-UNRELEASED (2015-??-??)
+release/004.033 (2015-03-13)
+
+    Modify the base::ssh::config::sshd define to allow the
+    specificaton of content or source.  This is required to support
+    host with special ssh requiremens like systems that use duo. (whm)
 
     Fix a missed hyphen in reference to class fragment-template in
     defense.pp. (adamhl)
 
-    [dns] Refactor dns into several files and a fix a small typo. (adamhl)
+    [dns] Refactor dns into several files and a fix a small
+    typo. (adamhl)
 
 release/004.032 (2015-03-06)
 
diff --git a/manifests/ssh/config/sshd.pp b/manifests/ssh/config/sshd.pp
index e0e1792..5c2605c 100644
--- a/manifests/ssh/config/sshd.pp
+++ b/manifests/ssh/config/sshd.pp
@@ -23,6 +23,7 @@ define base::ssh::config::sshd(
   $gitolite          = false,
   $hostbased         = false,
   $pubkey            = false,
+  $content           = undef,
   $source            = undef,
   $max_tries         = 5,
   $listen_addresses  = 'all',
@@ -31,7 +32,11 @@ define base::ssh::config::sshd(
   if $source {
     $template = undef
   } else {
-    $template = template('base/ssh/sshd_config.erb')
+    if $content {
+      $template = $content
+    } else {
+      $template = template('base/ssh/sshd_config.erb')
+    }
   }
   file { $name:
     ensure  => $ensure,
-- 
GitLab