# Cfengine code snippet by Valentin Hoebel (valentin@xenuser.org)
# Created on August 7th 2012; Configure sshd
# You are free to use and share this code snippet in any way you want.

body common control {
	version		=> "1.0";
	inputs		=> { "cfengine_stdlib.cf" };
	bundlesequence	=> { "configure_services" };
}

bundle agent configure_services {
  vars:
	#Which config file shall be configured?
	"files[sshd]" string => "/etc/ssh/sshd_config";

	#SSHd variables to be set
	"sshd[PasswordAuthentication]"	string => "yes";
	"sshd[UsePAM]"			string => "yes";


  methods:
	"sshd" usebundle	=> edit_sshd,
	comment 		=> "Configure $(files[sshd])";
}

bundle agent edit_sshd {
  files:
	"$(configure_services.files[sshd])"
	handle		=> "edit_sshd",
	comment		=> "Ensure sshd is configured correctly",
	create		=> "true",
	edit_line	=> set_config_values("configure_services.sshd"),
	classes		=> if_repaired("sshd_restart_required");

  commands:
	sshd_restart_required::
	  "/etc/init.d/ssh restart"
		handle	=> "restart_sshd",
		comment	=> "Restart SSHd for configuration changes";
}