Adds SSH Banner text into sshd_config
Allow use of ooo template to populate banner text into /etc/issue Change-Id: If5b2da9415f10652a0a64503b2da4b63d1018640 Depends-On: Ie9f8afdfa9930428f06c9669fedb460dc1064d5e Closes-Bug: #1640306
This commit is contained in:
Luke Hinds
lhinds
parent
f0bed4c7e7
commit
73f58792f9
@ -34,6 +34,7 @@ parameter_defaults:
|
||||
- OS::TripleO::Services::NovaScheduler
|
||||
- OS::TripleO::Services::Ntp
|
||||
- OS::TripleO::Services::Snmp
|
||||
- OS::TripleO::Services::Sshd
|
||||
- OS::TripleO::Services::Timezone
|
||||
- OS::TripleO::Services::NovaCompute
|
||||
- OS::TripleO::Services::NovaLibvirt
|
||||
@ -81,3 +82,12 @@ parameter_defaults:
|
||||
GlanceBackend: rbd
|
||||
GnocchiBackend: rbd
|
||||
CinderEnableIscsiBackend: false
|
||||
BannerText: |
|
||||
******************************************************************
|
||||
* This system is for the use of authorized users only. Usage of *
|
||||
* this system may be monitored and recorded by system personnel. *
|
||||
* Anyone using this system expressly consents to such monitoring *
|
||||
* and is advised that if such monitoring reveals possible *
|
||||
* evidence of criminal activity, system personnel may provide *
|
||||
* the evidence from such monitoring to law enforcement officials.*
|
||||
******************************************************************
|
||||
|
||||
13
environments/sshd-banner.yaml
Normal file
13
environments/sshd-banner.yaml
Normal file
@ -0,0 +1,13 @@
|
||||
resource_registry:
|
||||
OS::TripleO::Services::Sshd: ../puppet/services/sshd.yaml
|
||||
|
||||
parameter_defaults:
|
||||
BannerText: |
|
||||
******************************************************************
|
||||
* This system is for the use of authorized users only. Usage of *
|
||||
* this system may be monitored and recorded by system personnel. *
|
||||
* Anyone using this system expressly consents to such monitoring *
|
||||
* and is advised that if such monitoring reveals possible *
|
||||
* evidence of criminal activity, system personnel may provide *
|
||||
* the evidence from such monitoring to law enforcement officials.*
|
||||
******************************************************************
|
||||
@ -168,6 +168,7 @@ resource_registry:
|
||||
OS::TripleO::Services::Memcached: puppet/services/memcached.yaml
|
||||
OS::TripleO::Services::SaharaApi: OS::Heat::None
|
||||
OS::TripleO::Services::SaharaEngine: OS::Heat::None
|
||||
OS::TripleO::Services::Sshd: OS::Heat::None
|
||||
OS::TripleO::Services::Redis: puppet/services/database/redis.yaml
|
||||
OS::TripleO::Services::NovaConductor: puppet/services/nova-conductor.yaml
|
||||
OS::TripleO::Services::MongoDb: puppet/services/database/mongodb.yaml
|
||||
|
||||
34
puppet/services/sshd.yaml
Normal file
34
puppet/services/sshd.yaml
Normal file
@ -0,0 +1,34 @@
|
||||
heat_template_version: ocata
|
||||
|
||||
description: >
|
||||
Configure sshd_config
|
||||
|
||||
parameters:
|
||||
ServiceNetMap:
|
||||
default: {}
|
||||
description: Mapping of service_name -> network name. Typically set
|
||||
via parameter_defaults in the resource registry. This
|
||||
mapping overrides those in ServiceNetMapDefaults.
|
||||
type: json
|
||||
DefaultPasswords:
|
||||
default: {}
|
||||
type: json
|
||||
EndpointMap:
|
||||
default: {}
|
||||
description: Mapping of service endpoint -> protocol. Typically set
|
||||
via parameter_defaults in the resource registry.
|
||||
type: json
|
||||
BannerText:
|
||||
default: ''
|
||||
description: Configures Banner text in sshd_config
|
||||
type: string
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the ssh
|
||||
value:
|
||||
service_name: sshd
|
||||
config_settings:
|
||||
BannerText: {get_param: BannerText}
|
||||
step_config: |
|
||||
include ::tripleo::profile::base::sshd
|
||||
@ -66,6 +66,7 @@
|
||||
- OS::TripleO::Services::SwiftStorage
|
||||
- OS::TripleO::Services::SwiftRingBuilder
|
||||
- OS::TripleO::Services::Snmp
|
||||
- OS::TripleO::Services::Sshd
|
||||
- OS::TripleO::Services::Timezone
|
||||
- OS::TripleO::Services::CeilometerApi
|
||||
- OS::TripleO::Services::CeilometerCollector
|
||||
@ -115,6 +116,7 @@
|
||||
- OS::TripleO::Services::Timezone
|
||||
- OS::TripleO::Services::Ntp
|
||||
- OS::TripleO::Services::Snmp
|
||||
- OS::TripleO::Services::Sshd
|
||||
- OS::TripleO::Services::NovaCompute
|
||||
- OS::TripleO::Services::NovaLibvirt
|
||||
- OS::TripleO::Services::Kernel
|
||||
@ -138,6 +140,7 @@
|
||||
- OS::TripleO::Services::Ntp
|
||||
- OS::TripleO::Services::Timezone
|
||||
- OS::TripleO::Services::Snmp
|
||||
- OS::TripleO::Services::Sshd
|
||||
- OS::TripleO::Services::TripleoPackages
|
||||
- OS::TripleO::Services::TripleoFirewall
|
||||
- OS::TripleO::Services::SensuClient
|
||||
@ -151,6 +154,7 @@
|
||||
- OS::TripleO::Services::SwiftStorage
|
||||
- OS::TripleO::Services::SwiftRingBuilder
|
||||
- OS::TripleO::Services::Snmp
|
||||
- OS::TripleO::Services::Sshd
|
||||
- OS::TripleO::Services::Timezone
|
||||
- OS::TripleO::Services::TripleoPackages
|
||||
- OS::TripleO::Services::TripleoFirewall
|
||||
@ -164,6 +168,7 @@
|
||||
- OS::TripleO::Services::Kernel
|
||||
- OS::TripleO::Services::Ntp
|
||||
- OS::TripleO::Services::Snmp
|
||||
- OS::TripleO::Services::Sshd
|
||||
- OS::TripleO::Services::Timezone
|
||||
- OS::TripleO::Services::TripleoPackages
|
||||
- OS::TripleO::Services::TripleoFirewall
|
||||
|
||||
Loading…
Reference in New Issue
Block a user