diff options
Diffstat (limited to 'modules-available/sysconfig/inc/configmodule')
-rw-r--r-- | modules-available/sysconfig/inc/configmodule/sshconfig.inc.php | 32 | ||||
-rw-r--r-- | modules-available/sysconfig/inc/configmodule/sshkey.inc.php | 55 |
2 files changed, 78 insertions, 9 deletions
diff --git a/modules-available/sysconfig/inc/configmodule/sshconfig.inc.php b/modules-available/sysconfig/inc/configmodule/sshconfig.inc.php index 9975f789..b5ab20e4 100644 --- a/modules-available/sysconfig/inc/configmodule/sshconfig.inc.php +++ b/modules-available/sysconfig/inc/configmodule/sshconfig.inc.php @@ -5,7 +5,7 @@ ConfigModule::registerModule( Dictionary::translateFileModule('sysconfig', 'config-module', 'sshconfig_title'), // Title Dictionary::translateFileModule('sysconfig', 'config-module', 'sshconfig_description'), // Description Dictionary::translateFileModule('sysconfig', 'config-module', 'group_sshconfig'), // Group - false, // Only one per config? + true, // Only one per config? 500 ); @@ -23,7 +23,6 @@ class ConfigModule_SshConfig extends ConfigModule 'failOnParentFail' => false, 'parent' => $parent ); - // Create config module, which will also check if the pubkey is valid return Taskmanager::submit('SshdConfigGenerator', $config); } @@ -34,25 +33,40 @@ class ConfigModule_SshConfig extends ConfigModule protected function validateConfig() { - return isset($this->moduleData['publicKey']) && isset($this->moduleData['allowPasswordLogin']) && isset($this->moduleData['listenPort']); + // UPGRADE + if (isset($this->moduleData['allowPasswordLogin']) && !isset($this->moduleData['allowedUsersLogin'])) { + $this->moduleData['allowPasswordLogin'] = strtoupper($this->moduleData['allowPasswordLogin']); + if (!in_array($this->moduleData['allowPasswordLogin'], ['NO', 'USER_ONLY', 'YES'])) { + $this->moduleData['allowPasswordLogin'] = 'NO'; + } + $this->moduleData['allowedUsersLogin'] = 'ALL'; + } + return isset($this->moduleData['allowPasswordLogin']) && isset($this->moduleData['allowedUsersLogin']) + && isset($this->moduleData['listenPort']); } public function setData($key, $value) { switch ($key) { case 'publicKey': - break; + if ($value === false) { + error_log('Unsetting publicKey'); + unset($this->moduleData[$key]); + return true; + } + return false; case 'allowPasswordLogin': - if ($value === true || $value === 'yes') - $value = 'yes'; - elseif ($value === false || $value === 'no') - $value = 'no'; - else + if (!in_array($value, ['NO', 'USER_ONLY', 'YES'])) + return false; + break; + case 'allowedUsersLogin'; + if (!in_array($value, ['ROOT_ONLY', 'USER_ONLY', 'ALL'])) return false; break; case 'listenPort': if (!is_numeric($value) || $value < 1 || $value > 65535) return false; + $value = (int)$value; break; default: return false; diff --git a/modules-available/sysconfig/inc/configmodule/sshkey.inc.php b/modules-available/sysconfig/inc/configmodule/sshkey.inc.php new file mode 100644 index 00000000..2d212d25 --- /dev/null +++ b/modules-available/sysconfig/inc/configmodule/sshkey.inc.php @@ -0,0 +1,55 @@ +<?php + +ConfigModule::registerModule( + ConfigModule_SshKey::MODID, // ID + Dictionary::translateFileModule('sysconfig', 'config-module', 'sshkey_title'), // Title + Dictionary::translateFileModule('sysconfig', 'config-module', 'sshkey_description'), // Description + Dictionary::translateFileModule('sysconfig', 'config-module', 'group_sshkey'), // Group + false, // Only one per config? + 510 +); + +class ConfigModule_SshKey extends ConfigModule +{ + const MODID = 'SshKey'; + const VERSION = 1; + + protected function generateInternal($tgz, $parent) + { + if (!$this->validateConfig()) + return false; + $config = array( + 'files' => [ + '/root/.ssh/authorized_keys.d/sshkey_' . $this->id() . '_' . Util::sanitizeFilename($this->title()) . '.pub' + => $this->moduleData['publicKey']], + 'destination' => $tgz, + 'failOnParentFail' => false, + 'parent' => $parent + ); + // Create config module, which will also check if the pubkey is valid + return Taskmanager::submit('MakeTarball', $config); + } + + protected function moduleVersion() + { + return self::VERSION; + } + + protected function validateConfig() + { + return isset($this->moduleData['publicKey']); + } + + public function setData($key, $value) + { + switch ($key) { + case 'publicKey': + break; + default: + return false; + } + $this->moduleData[$key] = $value; + return true; + } + +} |