summaryrefslogtreecommitdiff
path: root/Property/Ssh.hs
diff options
context:
space:
mode:
Diffstat (limited to 'Property/Ssh.hs')
-rw-r--r--Property/Ssh.hs53
1 files changed, 0 insertions, 53 deletions
diff --git a/Property/Ssh.hs b/Property/Ssh.hs
deleted file mode 100644
index c726bedd..00000000
--- a/Property/Ssh.hs
+++ /dev/null
@@ -1,53 +0,0 @@
-module Property.Ssh where
-
-import Common
-import qualified Property.File as File
-import Property.User
-
-sshBool :: Bool -> String
-sshBool True = "yes"
-sshBool False = "no"
-
-sshdConfig :: FilePath
-sshdConfig = "/etc/ssh/sshd_config"
-
-setSshdConfig :: String -> Bool -> Property
-setSshdConfig setting allowed = combineProperties
- [ sshdConfig `File.lacksLine` (sshline $ not allowed)
- , sshdConfig `File.containsLine` (sshline allowed)
- ]
- `onChange` restartSshd
- `describe` unwords [ "ssh config:", setting, sshBool allowed ]
- where
- sshline v = setting ++ " " ++ sshBool v
-
-permitRootLogin :: Bool -> Property
-permitRootLogin = setSshdConfig "PermitRootLogin"
-
-passwordAuthentication :: Bool -> Property
-passwordAuthentication = setSshdConfig "PasswordAuthentication"
-
-hasAuthorizedKeys :: UserName -> IO Bool
-hasAuthorizedKeys = go <=< homedir
- where
- go Nothing = return False
- go (Just home) = not . null <$> catchDefaultIO ""
- (readFile $ home </> ".ssh" </> "authorized_keys")
-
-restartSshd :: Property
-restartSshd = cmdProperty "service" [Param "ssh", Param "restart"]
-
-{- Blow away existing host keys and make new ones. Use a flag
- - file to prevent doing this more than once. -}
-uniqueHostKeys :: Property
-uniqueHostKeys = flagFile prop "/etc/ssh/.unique_host_keys"
- `onChange` restartSshd
- where
- prop = Property "ssh unique host keys" $ do
- void $ boolSystem "sh"
- [ Param "-c"
- , Param "rm -f /etc/ssh/ssh_host_*"
- ]
- ensureProperty $
- cmdProperty "/var/lib/dpkg/info/openssh-server.postinst"
- [Param "configure"]