2019-03-03 08:50:49 +00:00
|
|
|
# ToDo: `iptables` setting must be here:
|
|
|
|
|
execute 'ufw allow 10022' do
|
|
|
|
|
user 'root'
|
|
|
|
|
|
|
|
|
|
not_if 'LANG=c ufw status | grep 10022'
|
|
|
|
|
|
|
|
|
|
notifies :run, 'execute[ufw reload-or-enable]'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# Deploy the `sshd` configuration file:
|
2022-08-28 12:49:00 +00:00
|
|
|
case node['platform_version']
|
|
|
|
|
when "22.04"
|
|
|
|
|
remote_file '/etc/ssh/sshd_config' do
|
|
|
|
|
user 'root'
|
|
|
|
|
owner 'root'
|
|
|
|
|
group 'root'
|
|
|
|
|
mode '644'
|
|
|
|
|
|
|
|
|
|
source 'files/etc/ssh/sshd_config.2204'
|
|
|
|
|
end
|
|
|
|
|
|
2020-10-10 07:08:34 +00:00
|
|
|
when "20.04"
|
|
|
|
|
remote_file '/etc/ssh/sshd_config' do
|
|
|
|
|
user 'root'
|
|
|
|
|
owner 'root'
|
|
|
|
|
group 'root'
|
|
|
|
|
mode '644'
|
|
|
|
|
|
|
|
|
|
source 'files/etc/ssh/sshd_config.2004'
|
|
|
|
|
end
|
|
|
|
|
|
2019-03-03 08:50:49 +00:00
|
|
|
when "18.04"
|
|
|
|
|
remote_file '/etc/ssh/sshd_config' do
|
|
|
|
|
user 'root'
|
|
|
|
|
owner 'root'
|
|
|
|
|
group 'root'
|
|
|
|
|
mode '644'
|
|
|
|
|
|
|
|
|
|
source 'files/etc/ssh/sshd_config.1804'
|
|
|
|
|
end
|
2022-08-28 12:49:00 +00:00
|
|
|
|
2019-03-03 08:50:49 +00:00
|
|
|
else
|
|
|
|
|
remote_file '/etc/ssh/sshd_config' do
|
|
|
|
|
user 'root'
|
|
|
|
|
owner 'root'
|
|
|
|
|
group 'root'
|
|
|
|
|
mode '644'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Apply the changes:
|
|
|
|
|
execute 'systemctl reload ssh.service ' do
|
|
|
|
|
action :nothing
|
|
|
|
|
subscribes :run, 'remote_file[/etc/ssh/sshd_config]'
|
|
|
|
|
end
|
