From 45d6f1e581f8c26d50eeb28fd2e098473a0ffb9f Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sun, 21 Feb 2010 15:15:28 +0100 Subject: [PATCH] And produce an xinetd snippet --- modules/portforwarder/manifests/init.pp | 8 ++--- modules/portforwarder/templates/xinetd.erb | 42 ++++++++++++++++++++++ 2 files changed, 46 insertions(+), 4 deletions(-) create mode 100644 modules/portforwarder/templates/xinetd.erb diff --git a/modules/portforwarder/manifests/init.pp b/modules/portforwarder/manifests/init.pp index 54dedb854..cf83ba593 100644 --- a/modules/portforwarder/manifests/init.pp +++ b/modules/portforwarder/manifests/init.pp @@ -12,10 +12,10 @@ class portforwarder { group => root, mode => 755, ; - #"/etc/xinetd.d/dsa-portforwader": - # content => template("portforwarder/xinetd.erb"), - # notify => Exec["xinetd reload"] - # ; + "/etc/xinetd.d/dsa-portforwader": + content => template("portforwarder/xinetd.erb"), + notify => Exec["xinetd reload"] + ; } exec { diff --git a/modules/portforwarder/templates/xinetd.erb b/modules/portforwarder/templates/xinetd.erb new file mode 100644 index 000000000..6d65e5cf2 --- /dev/null +++ b/modules/portforwarder/templates/xinetd.erb @@ -0,0 +1,42 @@ +<%= +lines = [] + +template = 'service @@TARGET_HOST@@@@TARGET_PORT@@ +{ + protocol = tcp + port = @@LOCAL_BIND@@ + type = UNLISTED + + bind = 127.0.0.1 + socket_type = stream + wait = no + user = portforwarder + group = portforwarder + instances = 10 + server = /usr/bin/ssh + server_args = -o PreferredAuthentications=publickey -o EscapeChar=none -C @@TARGET_HOST@@ : nothing + cps = 0 0 +} +' + +config = YAML.load(File.open('/etc/puppet/modules/portforwarder/misc/config.yaml').read) +if config[fqdn] + config[fdqn].each do |service| + target_port = service['target_port'] + target_host = service['target_host'] + local_bind = service['source_bind_port'] + + lines << "# from #{sourcehost} on local port #{service['source_bind_port']}" + if target_port.nil? or target_host.nil? or local_bind.nil? + lines << "# insufficient config values" + else + p = template.clone + p.gsub!('@@TARGET_HOST@@', target_host) + p.gsub!('@@TARGET_PORT@@', target_port) + p.gsub!('@@LOCLA_BIND@@', local_bind) + lines << p + end + end +end +lines.join("\n") +%> -- 2.20.1