mediawiki: Remove xbl.spamhaus.org DNSBL

[chef.git] / cookbooks / openssh / recipes / default.rb

diff --git a/cookbooks/openssh/recipes/default.rb b/cookbooks/openssh/recipes/default.rb
index 13bc8f517d07a3d4e5897290e172b5397b0ca1eb..8b57aaaef75ef5e799b1ab08be8e6440cc811817 100644 (file)
--- a/cookbooks/openssh/recipes/default.rb
+++ b/cookbooks/openssh/recipes/default.rb
@@ -23,6 +23,15 @@ include_recipe "networking"
 package "openssh-client"
 package "openssh-server"
 
+template "/etc/ssh/sshd_config.d/chef.conf" do
+  source "sshd_config.conf.erb"
+  owner "root"
+  group "root"
+  mode "644"
+  notifies :restart, "service[ssh]"
+  only_if { Dir.exist?("/etc/ssh/sshd_config.d") }
+end
+
 service "ssh" do
   action [:enable, :start]
   supports :status => true, :restart => true, :reload => true
@@ -64,7 +73,7 @@ end
 
 template "/etc/ssh/ssh_known_hosts" do
   source "ssh_known_hosts.erb"
-  mode 0o444
+  mode "444"
   owner "root"
   group "root"
   backup false
@@ -75,8 +84,7 @@ end
 
 firewall_rule "accept-ssh" do
   action :accept
-  source "net"
-  dest "fw"
-  proto "tcp:syn"
+  context :incoming
+  protocol :tcp
   dest_ports node[:openssh][:port]
 end