dust-deploy 0.4.2 → 0.4.3
Sign up to get free protection for your applications and to get access to all the features.
- data/changelog.md +12 -0
- data/lib/dust/helper.rb +6 -1
- data/lib/dust/recipes/sshd.rb +73 -0
- data/lib/dust/version.rb +1 -1
- metadata +4 -3
data/changelog.md
CHANGED
@@ -1,6 +1,18 @@
|
|
1
1
|
Changelog
|
2
2
|
=============
|
3
3
|
|
4
|
+
0.4.3
|
5
|
+
------------
|
6
|
+
|
7
|
+
adds sshd recipe, which configures sshd_config. all sshd options are supported, with more or less intelligent default settings.
|
8
|
+
usage:
|
9
|
+
|
10
|
+
recipes:
|
11
|
+
sshd:
|
12
|
+
Port: 12345
|
13
|
+
X11Forward: yes
|
14
|
+
|
15
|
+
|
4
16
|
0.4.2
|
5
17
|
------------
|
6
18
|
|
data/lib/dust/helper.rb
CHANGED
@@ -32,6 +32,11 @@ class Hash
|
|
32
32
|
end
|
33
33
|
self
|
34
34
|
end
|
35
|
+
|
36
|
+
# converts each value to an array, so .each and .combine won't get hickups
|
37
|
+
def values_to_array!
|
38
|
+
self.each { |k, v| self[k] = [ self[k] ] unless self[k].is_a? Array }
|
39
|
+
end
|
35
40
|
end
|
36
41
|
|
37
42
|
# stole this from Afz902k who posted something similar at stackoverflow.com
|
@@ -69,4 +74,4 @@ module Dust
|
|
69
74
|
return false
|
70
75
|
end
|
71
76
|
end
|
72
|
-
end
|
77
|
+
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
class Sshd < Recipe
|
2
|
+
|
3
|
+
desc 'sshd:deploy', 'installs and configures the ssh server'
|
4
|
+
def deploy
|
5
|
+
return unless @node.install_package 'openssh-server'
|
6
|
+
|
7
|
+
generate_default_config
|
8
|
+
@config.values_to_array!
|
9
|
+
|
10
|
+
check_hostkeys
|
11
|
+
apply_configuration
|
12
|
+
|
13
|
+
@node.write '/etc/ssh/sshd_config', @sshd_config
|
14
|
+
restart_daemon
|
15
|
+
end
|
16
|
+
|
17
|
+
|
18
|
+
private
|
19
|
+
|
20
|
+
def default_config
|
21
|
+
{ 'Port' => 22,
|
22
|
+
'Protocol' => 2,
|
23
|
+
'AcceptEnv' => 'LANG LC_*',
|
24
|
+
'HostKey' => [ '/etc/ssh/ssh_host_dsa_key',
|
25
|
+
'/etc/ssh/ssh_host_ecdsa_key',
|
26
|
+
'/etc/ssh/ssh_host_rsa_key' ],
|
27
|
+
'PasswordAuthentication' => 'yes',
|
28
|
+
'ChallengeResponseAuthentication' => 'no',
|
29
|
+
'X11Forwarding' => 'yes',
|
30
|
+
'UsePAM' => 'yes',
|
31
|
+
'SyslogFacility' => 'AUTH',
|
32
|
+
'GSSAPIAuthentication' => 'no'
|
33
|
+
}
|
34
|
+
end
|
35
|
+
|
36
|
+
def generate_default_config
|
37
|
+
@config = default_config.merge @config
|
38
|
+
|
39
|
+
unless @config['sftp']
|
40
|
+
@config['Subsystem'] ||= 'sftp /usr/lib/openssh/sftp-server' if @node.uses_apt?
|
41
|
+
@config['Subsystem'] ||= 'sftp /usr/libexec/openssh/sftp-server' if @node.uses_rpm?
|
42
|
+
end
|
43
|
+
|
44
|
+
if @node.uses_rpm?
|
45
|
+
@config['SyslogFacility'] ||= 'AUTHPRIV'
|
46
|
+
@config['GSSAPIAuthentication'] ||= 'yes'
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
def apply_configuration
|
51
|
+
@sshd_config = ''
|
52
|
+
@config.each do |key, values|
|
53
|
+
values.each { |value| @sshd_config.concat "#{key} #{value}\n" }
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
def check_hostkeys
|
58
|
+
@config['HostKey'].each do |hostkey|
|
59
|
+
unless @node.file_exists? hostkey, :quiet => true
|
60
|
+
::Dust.print_warning "hostkey '#{hostkey}' not found. removing from config"
|
61
|
+
@config['HostKey'].delete hostkey
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
def restart_daemon
|
67
|
+
daemon = 'ssh' if @node.uses_apt?
|
68
|
+
daemon = 'sshd' if @node.uses_rpm?
|
69
|
+
|
70
|
+
@node.restart_service daemon if @options.restart
|
71
|
+
@node.reload_service daemon if @options.reload
|
72
|
+
end
|
73
|
+
end
|
data/lib/dust/version.rb
CHANGED
metadata
CHANGED
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
|
|
5
5
|
segments:
|
6
6
|
- 0
|
7
7
|
- 4
|
8
|
-
-
|
9
|
-
version: 0.4.
|
8
|
+
- 3
|
9
|
+
version: 0.4.3
|
10
10
|
platform: ruby
|
11
11
|
authors:
|
12
12
|
- kris kechagia
|
@@ -14,7 +14,7 @@ autorequire:
|
|
14
14
|
bindir: bin
|
15
15
|
cert_chain: []
|
16
16
|
|
17
|
-
date: 2012-01-
|
17
|
+
date: 2012-01-19 00:00:00 +01:00
|
18
18
|
default_executable:
|
19
19
|
dependencies:
|
20
20
|
- !ruby/object:Gem::Dependency
|
@@ -145,6 +145,7 @@ files:
|
|
145
145
|
- lib/dust/recipes/repositories.rb
|
146
146
|
- lib/dust/recipes/resolv_conf.rb
|
147
147
|
- lib/dust/recipes/ssh_authorized_keys.rb
|
148
|
+
- lib/dust/recipes/sshd.rb
|
148
149
|
- lib/dust/recipes/unattended_upgrades.rb
|
149
150
|
- lib/dust/recipes/zabbix_agent.rb
|
150
151
|
- lib/dust/server.rb
|