ssh: Install on cygwin

246519aa · James T. Lee · 4cc6fe80 · 246519aa · 246519aa · 246519aa
Commit 246519aa authored Feb 15, 2019 by James T. Lee
Showing with 64 additions and 51 deletions

manifests/profile/base.pp manifests/profile/base.pp +1 -1

manifests/profile/base/ssh.pp manifests/profile/base/ssh.pp +52 -42

manifests/profile/base/users.pp manifests/profile/base/users.pp +11 -8

No files found.
--- a/manifests/profile/base.pp
+++ b/manifests/profile/base.pp
@@ -3,6 +3,7 @@ class nest::profile::base {
  contain '::nest::profile::base::git'
  contain '::nest::profile::base::packages'
  contain '::nest::profile::base::qemu'
+  contain '::nest::profile::base::ssh'
  contain '::nest::profile::base::users'
  # Git should be installed before managing any Vcsrepos
@@ -22,7 +23,6 @@ class nest::profile::base {
      contain '::nest::profile::base::network'
      contain '::nest::profile::base::openvpn'
      contain '::nest::profile::base::portage'
-      contain '::nest::profile::base::ssh'
      contain '::nest::profile::base::sudo'
      contain '::nest::profile::base::systemd'
      contain '::nest::profile::base::zfs'

--- a/manifests/profile/base/ssh.pp
+++ b/manifests/profile/base/ssh.pp
 class nest::profile::base::ssh {
-  nest::portage::package_use { 'net-misc/openssh':
+  case $facts['osfamily'] {
-    use => 'kerberos',
+    'Gentoo': {
-  }
+      nest::portage::package_use { 'net-misc/openssh':
+        use => 'kerberos',
+      }
-  package { 'net-misc/openssh':
+      package { 'net-misc/openssh':
-    ensure => installed,
+        ensure => installed,
-  }
+      }
-  file_line {
+      file_line {
-    default:
+        default:
-      path    => '/etc/ssh/sshd_config',
+          path    => '/etc/ssh/sshd_config',
-      require => Package['net-misc/openssh'],
+          require => Package['net-misc/openssh'],
-      notify  => Service['sshd'];
+          notify  => Service['sshd'];
-    'sshd_config-ChallengeResponseAuthentication':
+        'sshd_config-ChallengeResponseAuthentication':
-      line  => 'ChallengeResponseAuthentication no',
+          line  => 'ChallengeResponseAuthentication no',
-      match => '^#?ChallengeResponseAuthentication ';
+          match => '^#?ChallengeResponseAuthentication ';
-    'sshd_config-X11Forwarding':
+        'sshd_config-X11Forwarding':
-      line  => 'X11Forwarding yes',
+          line  => 'X11Forwarding yes',
-      match => '^#?X11Forwarding ';
+          match => '^#?X11Forwarding ';
-  }
+      }
-  service { 'sshd':
+      service { 'sshd':
-    enable => true,
+        enable => true,
-  }
+      }
-  file { '/etc/systemd/user/ssh-agent.service':
+      file { '/etc/systemd/user/ssh-agent.service':
-    mode   => '0644',
+        mode   => '0644',
-    owner  => 'root',
+        owner  => 'root',
-    group  => 'root',
+        group  => 'root',
-    source => 'puppet:///modules/nest/ssh/ssh-agent.service',
+        source => 'puppet:///modules/nest/ssh/ssh-agent.service',
-    notify => Exec['ssh-systemd-daemon-reload'],
+        notify => Exec['ssh-systemd-daemon-reload'],
-  }
+      }
-  exec { 'ssh-systemd-daemon-reload':
+      exec { 'ssh-systemd-daemon-reload':
-    command     => '/bin/systemctl daemon-reload',
+        command     => '/bin/systemctl daemon-reload',
-    refreshonly => true,
+        refreshonly => true,
-  }
+      }
-  exec { 'ssh-agent-enable-systemd-user-service':
+      exec { 'ssh-agent-enable-systemd-user-service':
-    command => '/bin/systemctl --user --global enable ssh-agent.service',
+        command => '/bin/systemctl --user --global enable ssh-agent.service',
-    creates => '/etc/systemd/user/default.target.wants/ssh-agent.service',
+        creates => '/etc/systemd/user/default.target.wants/ssh-agent.service',
-    require => File['/etc/systemd/user/ssh-agent.service'],
+        require => File['/etc/systemd/user/ssh-agent.service'],
-  }
+      }
+      # XXX: Remove this after 20170719
+      file_line { 'pam_env.conf-SSH_AUTH_SOCK':
+        ensure => absent,
+        path   => '/etc/security/pam_env.conf',
+        line   => 'SSH_AUTH_SOCK	DEFAULT="${XDG_RUNTIME_DIR}/ssh-agent.socket"',
+      }
+    }
-  # XXX: Remove this after 20170719
+    'windows': {
-  file_line { 'pam_env.conf-SSH_AUTH_SOCK':
+      package { 'openssh':
-    ensure => absent,
+        ensure => installed,
-    path   => '/etc/security/pam_env.conf',
+      }
-    line   => 'SSH_AUTH_SOCK	DEFAULT="${XDG_RUNTIME_DIR}/ssh-agent.socket"',
+    }
  }
 }
--- a/manifests/profile/base/users.pp
+++ b/manifests/profile/base/users.pp
@@ -209,7 +209,10 @@ class nest::profile::base::users {
      ::nest::cygwin_home_perms { 'post-refresh':
        user    => $user,
-        require => Exec["refresh-${user}-dotfiles"],
+        require => [
+          Exec["refresh-${user}-dotfiles"],
+          File["${vcsrepo_dir}/.ssh/id_rsa"],
+        ],
      }
    } else {
      exec { "${dir}/.refresh":
@@ -218,14 +221,14 @@ class nest::profile::base::users {
        refreshonly => true,
        subscribe   => Vcsrepo[$vcsrepo_dir],
      }
+    }
-      file { "${dir}/.ssh/id_rsa":
+    file { "${vcsrepo_dir}/.ssh/id_rsa":
-        mode      => '0600',
+      mode      => '0600',
-        owner     => $user,
+      owner     => $user,
-        content   => $::nest::ssh_private_key,
+      content   => $::nest::ssh_private_key,
-        show_diff => false,
+      show_diff => false,
-        require   => Vcsrepo[$vcsrepo_dir],
+      require   => Vcsrepo[$vcsrepo_dir],
-      }
    }
  }
 }