Showing with 66 additions and 8 deletions.

+5 −0 README.md

+17 −7 manifests/init.pp

+1 −1 metadata.json

+43 −0 spec/classes/init_spec.rb
diff --git a/README.md b/README.md
@@ -606,6 +606,11 @@ Content of root's ~/.ssh/config.
 
 - *Default*: "# This file is being maintained by Puppet.\n# DO NOT EDIT\n"
 
+manage_service
+--------------
+Manage the sshd service through this module or not.  Valid values are 'true' and 'false'.
+
+- *Default*: 'true'
 
 ===
 # Manage user's ssh_authorized_keys

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -78,6 +78,7 @@
   $sshd_hostbasedauthentication        = 'no',
   $sshd_ignoreuserknownhosts           = 'no',
   $sshd_ignorerhosts                   = 'yes',
+  $manage_service                      = true,
   $service_ensure                      = 'running',
   $service_name                        = 'USE_DEFAULTS',
   $service_enable                      = true,
@@ -580,6 +581,13 @@
   }
   validate_bool($purge_keys_real)
 
+  if type3x($manage_service) == 'string' {
+    $manage_service_real = str2bool($manage_service)
+  } else {
+    $manage_service_real = $manage_service
+  }
+  validate_bool($manage_service_real)
+
   if type3x($service_enable) == 'string' {
     $service_enable_real = str2bool($service_enable)
   } else {
@@ -703,13 +711,15 @@
     }
   }
 
-  service { 'sshd_service' :
-    ensure     => $service_ensure,
-    name       => $service_name_real,
-    enable     => $service_enable_real,
-    hasrestart => $service_hasrestart_real,
-    hasstatus  => $service_hasstatus_real,
-    subscribe  => File['sshd_config'],
+  if $manage_service_real {
+    service { 'sshd_service' :
+      ensure     => $service_ensure,
+      name       => $service_name_real,
+      enable     => $service_enable_real,
+      hasrestart => $service_hasrestart_real,
+      hasstatus  => $service_hasstatus_real,
+      subscribe  => File['sshd_config'],
+    }
   }
 
   if $manage_firewall == true {

diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "ghoneycutt-ssh",
-  "version": "3.31.0",
+  "version": "3.32.0",
   "author": "ghoneycutt",
   "summary": "Manages SSH",
   "license": "Apache-2.0",

diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
@@ -3371,4 +3371,47 @@
       end
     end
   end
+
+  describe 'with parameter manage_service' do
+    let(:facts) do
+      { :fqdn      => 'monkey.example.com',
+        :osfamily  => 'RedHat',
+        :sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
+      }
+    end
+
+    ['YES','badvalue',2.42,['array'],a = { 'ha' => 'sh' }].each do |value|
+      context "specified as invalid value #{value} (as #{value.class})" do
+        let(:params) { { :manage_service => value } }
+        it do
+          expect {
+            should contain_class('ssh')
+          }.to raise_error(Puppet::Error,/(is not a boolean|Unknown type of boolean)/)
+        end
+      end
+    end
+
+    ['true', true].each do |value|
+      context "specified as valid true value #{value} (as #{value.class})" do
+        let(:params) { { :manage_service => value } }
+        it do
+          expect {
+            should contain_service('sshd_service')
+          }
+        end
+      end
+    end
+
+    ['false', false].each do |value|
+      context "specified as valid false value #{value} (as #{value.class})" do
+        let(:params) { { :manage_service => value } }
+        it do
+          expect {
+            should_not contain_service('sshd_service')
+          }
+        end
+      end
+    end
+  end
+
 end