Dzahn has uploaded a new change for review.
https://gerrit.wikimedia.org/r/172803
Change subject: ssh server: make ListenAddress configurable
......................................................................
ssh server: make ListenAddress configurable
for situations like Id27657ca29e4196088
Bug: 35611
Change-Id: Icb4cbadb2d3766869dbc5310121b69fc9e450bf2
RT: 8838
---
M modules/ssh/manifests/server.pp
M modules/ssh/templates/sshd_config.erb
2 files changed, 5 insertions(+), 0 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/03/172803/1
diff --git a/modules/ssh/manifests/server.pp b/modules/ssh/manifests/server.pp
index 56b93a9..985e486 100644
--- a/modules/ssh/manifests/server.pp
+++ b/modules/ssh/manifests/server.pp
@@ -1,5 +1,6 @@
class ssh::server (
$listen_port = '22',
+ $listen_addr = 'ALL',
) {
package { 'openssh-server':
ensure => latest;
diff --git a/modules/ssh/templates/sshd_config.erb
b/modules/ssh/templates/sshd_config.erb
index 64f19f4..318a5ef 100644
--- a/modules/ssh/templates/sshd_config.erb
+++ b/modules/ssh/templates/sshd_config.erb
@@ -4,9 +4,13 @@
# What ports, IPs and protocols we listen for
Port <%= listen_port %>
+<% if @listen_address != "ALL" %>
+ListenAddress <%= @listen_address %>
+<% else %>
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
+<% end %>
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
--
To view, visit https://gerrit.wikimedia.org/r/172803
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Icb4cbadb2d3766869dbc5310121b69fc9e450bf2
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Dzahn <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
