diff --git a/manifests/client.pp b/manifests/client.pp index a554eb8..5c7c2bd 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -1,42 +1,42 @@ class ssh::client( String $ensure = present, Boolean $storeconfigs_enabled = true, Hash $options = {}, Boolean $use_augeas = false, Array $options_absent = [], ) inherits ssh::params { # Merge hashes from multiple layer of hierarchy in hiera - $hiera_options = lookup("${module_name}::client::options", Optional[Hash], 'deep', undef) + $hiera_options = lookup("${module_name}::client::options", Optional[Hash], 'deep', {}) $fin_options = deep_merge($hiera_options, $options) if $use_augeas { $merged_options = sshclient_options_to_augeas_ssh_config($fin_options, $options_absent, { 'target' => $::ssh::params::ssh_config }) } else { $merged_options = merge($fin_options, delete($ssh::params::ssh_default_options, keys($fin_options))) } include ::ssh::client::install include ::ssh::client::config anchor { 'ssh::client::start': } anchor { 'ssh::client::end': } # Provide option to *not* use storeconfigs/puppetdb, which means not managing # hostkeys and knownhosts if ($storeconfigs_enabled) { include ::ssh::knownhosts Anchor['ssh::client::start'] -> Class['ssh::client::install'] -> Class['ssh::client::config'] -> Class['ssh::knownhosts'] -> Anchor['ssh::client::end'] } else { Anchor['ssh::client::start'] -> Class['ssh::client::install'] -> Class['ssh::client::config'] -> Anchor['ssh::client::end'] } } diff --git a/manifests/init.pp b/manifests/init.pp index 923b28c..4f3130f 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,55 +1,55 @@ # Main file for puppet-ssh class ssh ( Hash $server_options = {}, Hash $server_match_block = {}, Hash $client_options = {}, Hash $users_client_options = {}, String $version = 'present', Boolean $storeconfigs_enabled = true, Boolean $validate_sshd_file = $::ssh::params::validate_sshd_file, Boolean $use_augeas = false, Array $server_options_absent = [], Array $client_options_absent = [], Boolean $use_issue_net = false, Boolean $purge_unmanaged_sshkeys = true, ) inherits ssh::params { # Merge hashes from multiple layer of hierarchy in hiera - $hiera_server_options = lookup("${module_name}::server_options", Optional[Hash], 'deep', undef) - $hiera_server_match_block = lookup("${module_name}::server_match_block", Optional[Hash], 'deep', undef) - $hiera_client_options = lookup("${module_name}::client_options", Optional[Hash], 'deep', undef) - $hiera_users_client_options = lookup("${module_name}::users_client_options", Optional[Hash], 'deep', undef) + $hiera_server_options = lookup("${module_name}::server_options", Optional[Hash], 'deep', {}) + $hiera_server_match_block = lookup("${module_name}::server_match_block", Optional[Hash], 'deep', {}) + $hiera_client_options = lookup("${module_name}::client_options", Optional[Hash], 'deep', {}) + $hiera_users_client_options = lookup("${module_name}::users_client_options", Optional[Hash], 'deep', {}) $fin_server_options = deep_merge($hiera_server_options, $server_options) $fin_server_match_block = deep_merge($hiera_server_match_block, $server_match_block) $fin_client_options = deep_merge($hiera_client_options, $client_options) $fin_users_client_options = deep_merge($hiera_users_client_options, $users_client_options) class { '::ssh::server': ensure => $version, storeconfigs_enabled => $storeconfigs_enabled, options => $fin_server_options, validate_sshd_file => $validate_sshd_file, use_augeas => $use_augeas, options_absent => $server_options_absent, use_issue_net => $use_issue_net, } class { '::ssh::client': ensure => $version, storeconfigs_enabled => $storeconfigs_enabled, options => $fin_client_options, use_augeas => $use_augeas, options_absent => $client_options_absent, } # If host keys are being managed, optionally purge unmanaged ones as well. if ($storeconfigs_enabled and $purge_unmanaged_sshkeys) { resources { 'sshkey': purge => true, } } create_resources('::ssh::client::config::user', $fin_users_client_options) create_resources('::ssh::server::match_block', $fin_server_match_block) } diff --git a/manifests/server.pp b/manifests/server.pp index e7f65a5..ed229a5 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -1,54 +1,54 @@ class ssh::server( String $ensure = present, Boolean $storeconfigs_enabled = true, Hash $options = {}, Boolean $validate_sshd_file = false, Boolean $use_augeas = false, Array $options_absent = [], Hash $match_block = {}, Boolean $use_issue_net = false ) inherits ssh::params { # Merge hashes from multiple layer of hierarchy in hiera - $hiera_options = lookup("${module_name}::server::options", Optional[Hash], 'deep', undef) - $hiera_match_block = lookup("${module_name}::server::match_block", Optional[Hash], 'deep', undef) + $hiera_options = lookup("${module_name}::server::options", Optional[Hash], 'deep', {}) + $hiera_match_block = lookup("${module_name}::server::match_block", Optional[Hash], 'deep', {}) $fin_options = deep_merge($hiera_options, $options) $fin_match_block = deep_merge($hiera_match_block, $match_block) if $use_augeas { $merged_options = sshserver_options_to_augeas_sshd_config($fin_options, $options_absent, { 'target' => $::ssh::params::sshd_config }) } else { $merged_options = deep_merge($ssh::params::sshd_default_options, $fin_options) } include ::ssh::server::install include ::ssh::server::config include ::ssh::server::service anchor { 'ssh::server::start': } anchor { 'ssh::server::end': } # Provide option to *not* use storeconfigs/puppetdb, which means not managing # hostkeys and knownhosts if ($storeconfigs_enabled) { include ::ssh::hostkeys include ::ssh::knownhosts Anchor['ssh::server::start'] -> Class['ssh::server::install'] -> Class['ssh::server::config'] ~> Class['ssh::server::service'] -> Class['ssh::hostkeys'] -> Class['ssh::knownhosts'] -> Anchor['ssh::server::end'] } else { Anchor['ssh::server::start'] -> Class['ssh::server::install'] -> Class['ssh::server::config'] ~> Class['ssh::server::service'] -> Anchor['ssh::server::end'] } create_resources('::ssh::server::match_block', $fin_match_block) }