Re: [Puppet Users] saz-ssh, hiera and options

Tue, 02 May 2023 08:29:49 -0700 

Thank you Martin, adding the following example to my 
*nodes/myserversfqdn.yaml* did it for me.

ssh::server::match_block:
  '*,!that_other_group':
    type: group
    options:
      ForceCommand: '/usr/bin/kpasswd'

I have another question, how can I specify different values in Hiera for 
different operating systems?

For example *AuthorizedKeysCommand* needs a different value in Linux and 
FreeBSD?
  
On Tuesday, May 2, 2023 at 3:51:20 AM UTC-4 Martin Alfke wrote:

> Hi,
>
> Ssh::server class has a parameter called “match_block” which calls a 
> defined type:
>
> https://github.com/saz/puppet-ssh/blob/master/manifests/server/match_block.pp
>
> The defined type uses a template:
>
> https://github.com/saz/puppet-ssh/blob/master/templates/sshd_match_block.erb
>
> A hiera example is in the docs:
> https://forge.puppet.com/modules/saz/ssh/readme#hiera-example
>
> Hth,
> Martin
>
>
> On 1. May 2023, at 23:08, Laci D <lac...@gmail.com> wrote:
>
> Hi,
>
> I'm using *saz-ssh* to configure sshd_config, options are stored in 
> Hiera. I didn't find the way how to implement "Match user/group", for 
> example:
>
> Match group *, !not_that_group
> 'ForceCommand' => 'internal-sftp',
>
> I did see the example <https://forge.puppet.com/modules/saz/ssh/readme> but 
> when I add that to my manifests/profiles/ssh.pp then Puppet is 
> complaining and I'm not seeing how to configure it using Hiera.
>
> Any ideas?
>  
>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/0f953ebb-ee44-481b-81da-639ade904c8bn%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/0f953ebb-ee44-481b-81da-639ade904c8bn%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7ea988f3-c68d-45f7-a7f8-cf37929a09fcn%40googlegroups.com.

Reply via email to