Re: [Puppet Users] saz-ssh, hiera and options

Tue, 02 May 2023 08:29:49 -0700 

Thank you Martin, adding the following example to my 
*nodes/myserversfqdn.yaml* did it for me.

ssh::server::match_block:
  '*,!that_other_group':
    type: group
    options:
      ForceCommand: '/usr/bin/kpasswd'

I have another question, how can I specify different values in Hiera for 
different operating systems?

For example *AuthorizedKeysCommand* needs a different value in Linux and 
FreeBSD?
  
On Tuesday, May 2, 2023 at 3:51:20 AM UTC-4 Martin Alfke wrote:

> Hi,
>
> Ssh::server class has a parameter called “match_block” which calls a 
> defined type:
>
> https://github.com/saz/puppet-ssh/blob/master/manifests/server/match_block.pp
>
> The defined type uses a template:
>
> https://github.com/saz/puppet-ssh/blob/master/templates/sshd_match_block.erb
>
> A hiera example is in the docs:
> https://forge.puppet.com/modules/saz/ssh/readme#hiera-example
>
> Hth,
> Martin
>
>
> On 1. May 2023, at 23:08, Laci D <[email protected]> wrote:
>
> Hi,
>
> I'm using *saz-ssh* to configure sshd_config, options are stored in 
> Hiera. I didn't find the way how to implement "Match user/group", for 
> example:
>
> Match group *, !not_that_group
> 'ForceCommand' => 'internal-sftp',
>
> I did see the example <https://forge.puppet.com/modules/saz/ssh/readme> but 
> when I add that to my manifests/profiles/ssh.pp then Puppet is 
> complaining and I'm not seeing how to configure it using Hiera.
>
> Any ideas?
>  
>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to [email protected].
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/0f953ebb-ee44-481b-81da-639ade904c8bn%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/0f953ebb-ee44-481b-81da-639ade904c8bn%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7ea988f3-c68d-45f7-a7f8-cf37929a09fcn%40googlegroups.com.

Reply via email to