You can easily do that with an Operating System-specific layer to your
hiera. Add something like `os/$facts['osfamily'].yaml` to your hiera.yaml.
Then, you can have a FreeBSD.yaml, and a Debian.yaml in your hiera data.
(Ubuntu is part of the Debian OS Family.)
Put the proper parameter block
This works if I configure it for each individual server. Thank you!
I was wondering if there is a way to have a different path for
*AuthorizedKeysCommand
*based on the operating system rather than every single server?
I think an alternative could be in the manifest file something like:
case
The main ssh class has the parameter server_options:
# @param options
# Dynamic hash for openssh server option
ssh::server_options:
AuthorizedKeysCommand: ‘/path/to/command’
If you are using ssh::server class, the parameter ssh::server::options must be
used.
> On 2. May 2023, at 17:29, Laci
Thank you Martin, adding the following example to my
*nodes/myserversfqdn.yaml* did it for me.
ssh::server::match_block:
'*,!that_other_group':
type: group
options:
ForceCommand: '/usr/bin/kpasswd'
I have another question, how can I specify different values in Hiera for
Hi,
Ssh::server class has a parameter called “match_block” which calls a defined
type:
https://github.com/saz/puppet-ssh/blob/master/manifests/server/match_block.pp
The defined type uses a template:
https://github.com/saz/puppet-ssh/blob/master/templates/sshd_match_block.erb
A hiera example is