Showing with 88 additions and 4 deletions.

+1 −1 Modulefile

+12 −0 README.md

+11 −2 manifests/init.pp

+1 −1 metadata.json

+63 −0 spec/classes/init_spec.rb
diff --git a/Modulefile b/Modulefile
@@ -1,5 +1,5 @@
 name    'ghoneycutt-ssh'
-version '3.17.0'
+version '3.18.0'
 source 'git://github.com/ghoneycutt/puppet-module-ssh.git'
 author 'ghoneycutt'
 license 'Apache License, Version 2.0'

diff --git a/README.md b/README.md
@@ -95,6 +95,12 @@ Boolean to set 'SendEnv XMODIFIERS' in ssh_config. This option is only valid on
 
 - *Default*: false
 
+ssh_config_template
+--------------------
+*string* The template used to generate ssh_config.
+
+- *Default*: 'ssh/ssh_config.erb'
+
 ssh_config_ciphers
 ------------------
 Array of ciphers to be used with the Ciphers option in ssh_config.
@@ -157,6 +163,12 @@ SyslogFacility option in sshd_config.
 
 - *Default*: 'AUTH'
 
+sshd_config_template
+--------------------
+*string* The template used to generate sshd_config.
+
+- *Default*: 'ssh/sshd_config.erb'
+
 sshd_config_login_grace_time
 ----------------------------
 LoginGraceTime option in sshd_config.

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -22,6 +22,7 @@
   $ssh_config_sendenv_xmodifiers    = false,
   $ssh_config_ciphers               = undef,
   $ssh_config_macs                  = undef,
+  $ssh_config_template              = 'ssh/ssh_config.erb',
   $ssh_sendenv                      = 'USE_DEFAULTS',
   $sshd_config_path                 = '/etc/ssh/sshd_config',
   $sshd_config_owner                = 'root',
@@ -30,6 +31,7 @@
   $sshd_config_mode                 = 'USE_DEFAULTS',
   $sshd_config_port                 = '22',
   $sshd_config_syslog_facility      = 'AUTH',
+  $sshd_config_template             = 'ssh/sshd_config.erb',
   $sshd_config_login_grace_time     = '120',
   $sshd_config_challenge_resp_auth  = 'yes',
   $sshd_config_print_motd           = 'yes',
@@ -479,6 +481,13 @@
     }
   }
 
+  #ssh_config template
+  validate_string($ssh_config_template)
+
+  #sshd_config template
+  validate_string($sshd_config_template)
+
+
   #loglevel
   $supported_loglevel_vals=['QUIET', 'FATAL', 'ERROR', 'INFO', 'VERBOSE']
   validate_re($sshd_config_loglevel, $supported_loglevel_vals)
@@ -524,7 +533,7 @@
     owner   => $ssh_config_owner,
     group   => $ssh_config_group,
     mode    => $ssh_config_mode,
-    content => template('ssh/ssh_config.erb'),
+    content => template($ssh_config_template),
     require => Package[$packages_real],
   }
 
@@ -534,7 +543,7 @@
     mode    => $sshd_config_mode_real,
     owner   => $sshd_config_owner,
     group   => $sshd_config_group,
-    content => template('ssh/sshd_config.erb'),
+    content => template($sshd_config_template),
     require => Package[$packages_real],
   }
 

diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "ghoneycutt-ssh",
-  "version": "3.17.0",
+  "version": "3.18.0",
   "author": "ghoneycutt",
   "summary": "Manages SSH",
   "license": "Apache License, Version 2.0",

diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
@@ -967,6 +967,69 @@
     end
   end
 
+
+  context 'when ssh_config_template has a nonstandard value' do
+    context 'and that value is not valid' do
+      let :facts do
+        {
+          :fqdn => 'monkey.example.com',
+          :osfamily  => 'RedHat',
+          :root_home => '/root',
+          :sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
+        }
+      end
+      let (:params) {{'ssh_config_template' => false}}
+      it 'should fail' do
+        expect { subject }.to raise_error(Puppet::Error, /is not a string/)
+      end
+    end
+    context 'and that value is valid' do
+      let :facts do
+        {
+          :fqdn => 'monkey.example.com',
+          :osfamily  => 'RedHat',
+          :root_home => '/root',
+          :sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
+        }
+      end
+      let (:params) {{'ssh_config_template' => 'ssh/sshd_config.erb'}}
+      it 'should lay down the ssh_config file from the specified template' do
+        should contain_file('ssh_config').with_content(/OpenBSD: sshd_config/)
+      end
+    end
+  end
+
+  context 'when sshd_config_template has a nonstandard value' do
+    context 'and that value is not valid' do
+      let :facts do
+        {
+          :fqdn => 'monkey.example.com',
+          :osfamily  => 'RedHat',
+          :root_home => '/root',
+          :sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
+        }
+      end
+      let (:params) {{'sshd_config_template' => false}}
+      it 'should fail' do
+        expect { subject }.to raise_error(Puppet::Error, /is not a string/)
+      end
+    end
+    context 'and that value is valid' do
+      let :facts do
+        {
+          :fqdn => 'monkey.example.com',
+          :osfamily  => 'RedHat',
+          :root_home => '/root',
+          :sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
+        }
+      end
+      let (:params) {{'sshd_config_template' => 'ssh/ssh_config.erb'}}
+      it 'should lay down the sshd_config file from the specified template' do
+        should contain_file('sshd_config').with_content(/OpenBSD: ssh_config/)
+      end
+    end
+  end
+
   context 'with manage_root_ssh_config set to \'true\' on valid osfamily' do
     let :facts do
       {