X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fportforwarder%2Fmanifests%2Finit.pp;h=9cb62f60724bf3d45f2efc176744b3582896832f;hb=50d609a31adea8d5d54f372c73a8dcda93fd478d;hp=cf83ba593a4d9f2633f2e13acd3126f44cc8c5cc;hpb=45d6f1e581f8c26d50eeb28fd2e098473a0ffb9f;p=mirror%2Fdsa-puppet.git diff --git a/modules/portforwarder/manifests/init.pp b/modules/portforwarder/manifests/init.pp index cf83ba593..9cb62f607 100644 --- a/modules/portforwarder/manifests/init.pp +++ b/modules/portforwarder/manifests/init.pp @@ -1,30 +1,33 @@ class portforwarder { - # do not depend on xinetd, yet. it might uninstall other inetds - # for now this will have to be done manually - file { - "/etc/ssh/userkeys/portforwarder": - content => template("portforwarder/authorized_keys.erb"), - mode => 444, - ; - "/etc/xined.d": - ensure => directory, - owner => root, - group => root, - mode => 755, - ; - "/etc/xinetd.d/dsa-portforwader": - content => template("portforwarder/xinetd.erb"), - notify => Exec["xinetd reload"] - ; - } + # do not depend on xinetd, yet. it might uninstall other inetds + # for now this will have to be done manually - exec { - "xinetd reload": - path => "/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin", - refreshonly => true, - ; - } + if $::portforwarder_user_exists { + ssh::keygen {'portforwarder': } + + file { '/etc/ssh/userkeys/portforwarder': + content => template('portforwarder/authorized_keys.erb'), + } + file { '/etc/xinetd.d': + ensure => directory, + owner => root, + group => root, + mode => '0755', + } + file { '/etc/xinetd.d/dsa-portforwader': + content => template('portforwarder/xinetd.erb'), + notify => Exec['service xinetd reload'] + } + + exec { 'service xinetd reload': + refreshonly => true, + } + } else { + file { [ + '/etc/ssh/userkeys/portforwarder', + '/etc/xinetd.d/dsa-portforwader', + ]: + ensure => 'absent', + } + } } -# vim:set et: -# vim:set ts=4: -# vim:set shiftwidth=4: