chiark / gitweb /
~mdw / distorted-ansible / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Very early initial commit.
[distorted-ansible] / roles / common / files / ssh-root / config.m4
1 m4_divert(-1) ### -*-m4-*-
2 ### SSH client configuration for root.
3 ###
4 ### This file is maintained on ibanez: edit it there and run `update-slaves'.
5
6 ### Diversion map.
7 ###
8 ###   10        Host nicknames.
9 ###   20        Special-purpose services.
10 ###   90        Default settings.
11
12 ###--------------------------------------------------------------------------
13 ### M4 machinery.
14
15 m4_changequote([, ])
16 m4_define([_nl], [
17 ])
18
19 m4_define([_FOREACH], [m4_dnl
20 m4_ifelse([$#], [1], [_foreach_func($1)],
21         [_foreach_func($1)[]_FOREACH(m4_shift($@))])])
22 m4_define([FOREACH], [m4_dnl
23 m4_pushdef([_foreach_func], [$1])m4_dnl
24 _FOREACH($2)[]m4_dnl
25 m4_popdef([_foreach_func])])
26
27 ## Configuration variables.
28 m4_define([DOMAIN], [distorted.org.uk])
29 m4_define([BACKUP], [ibanez.distorted.org.uk])
30
31 ## Define a host entry.
32 m4_define([_SETHOST], [m4_define([_host], [$1])])
33 m4_define([_DEFHOST], [m4_dnl
34 m4_pushdef([_host])m4_dnl
35 _SETHOST($1)m4_dnl
36 m4_pushdef([_fqdn], m4_ifelse([$5], [], [_host[]$3.DOMAIN], [$5]))m4_dnl
37 Host[]m4_dnl
38 FOREACH([ $][1[]$3 $][1[]$3.DOMAIN], [$1])m4_dnl
39 FOREACH([ $][1[]$4], [$2])
40         HostName _fqdn
41 m4_popdef([_fqdn])m4_dnl
42 m4_popdef([_sethost])m4_dnl
43 m4_popdef([_host])])
44 m4_define([DEFHOST], [m4_dnl
45 _DEFHOST([$1], [$2], [], [], [$4])m4_dnl
46 m4_ifelse([$3], [], [],
47 [FOREACH([_DEFHOST([$1], [$2], [.]$][1, [SHORT_]$][1, [$4])], [$3])])])])
48
49 ## Local configuration.
50 m4_define([HOST], m4_esyscmd([printf %s $(hostname -s)]))
51
52 ###--------------------------------------------------------------------------
53 ### Do-not-edit banners.
54
55 m4_divert(0)m4_dnl
56 ### -*-conf-*-  GENERATED FROM config.m4: DO NOT EDIT!
57 ###
58 ### SSH client configuration for root.
59
60 m4_divert(100)m4_dnl
61 ### GENERATED FROM config.m4: NO NOT EDIT!
62 m4_divert(-1)
63
64 ###--------------------------------------------------------------------------
65 ### Include any local overrides.
66
67 m4_sinclude([/root/.ssh/config.local.m4])m4_divert(-1)
68
69 ###--------------------------------------------------------------------------
70 ### Subnet nicknames.
71
72 m4_define([SHORT_dmz],          [d])
73 m4_define([SHORT_unsafe],       [u])
74 m4_define([SHORT_safe],         [s])
75 m4_define([SHORT_untrusted],    [x])
76
77 m4_define([SHORT_jump],         [j])
78 m4_define([SHORT_colo],         [c])
79
80 m4_divert(10)m4_dnl
81 ###--------------------------------------------------------------------------
82 ### Host-specific settings (mostly nicknames).
83
84 ## Internal hosts.
85 DEFHOST([ibanez],               [i],    [dmz, unsafe])
86 DEFHOST([radius],               [r],    [dmz, unsafe, safe, untrusted])
87 DEFHOST([roadstar],             [rg],   [dmz, unsafe])
88 DEFHOST([jem],                  [j],    [dmz, unsafe])
89 DEFHOST([artist],               [a],    [dmz, unsafe, untrusted])
90 DEFHOST([fender],               [f],    [jump, colo])
91 DEFHOST([precision],            [p],    [jump, colo])
92 DEFHOST([telecaster, tele],     [t],    [jump, colo])
93 DEFHOST([stratocaster, strat],  [s],    [jump, colo])
94 DEFHOST([jazz],                 [z],    [jump, colo])
95 DEFHOST([jaguar],               [jag],  [jump])
96 DEFHOST([vampire],              [v],    [dmz, unsafe, safe, untrusted])
97 DEFHOST([orange],               [o])
98 DEFHOST([gibson],               [g])
99 DEFHOST([crybaby],              [cb])
100 DEFHOST([terror])
101 DEFHOST([groove],               [gr])
102 DEFHOST([haze],                 [h])
103 DEFHOST([marauder],             [m])
104 DEFHOST([invader, inv])
105 DEFHOST([evolution, evo])
106 DEFHOST([grigsby, tp0])
107 DEFHOST([carling, tp1])
108 DEFHOST([tritan, tp2])
109
110 ## Satellite hosts.
111 m4_define([DOMAIN], [binswood.org.uk])m4_dnl
112 DEFHOST([mango])
113 DEFHOST([binswrt],              [bw])
114
115 ## Linode Lish gateways.
116 m4_define([DOMAIN], [linode.com])m4_dnl
117 m4_define([LISH], [DEFHOST([lish-$1])
118         User distorted])m4_dnl
119 LISH([tokyo])
120 LISH([fremont])
121 LISH([newark])
122 LISH([dallas])
123 LISH([atlanta])
124 LISH([london])
125 LISH([singapore])
126
127 ###--------------------------------------------------------------------------
128 ### Specific services.
129
130 Host backup-server
131         HostName BACKUP
132         User bkp-HOST
133
134 m4_divert(90)m4_dnl
135 ###--------------------------------------------------------------------------
136 ### Default settings.
137
138 Host *
139         User root
140         Cipher blowfish
141         Ciphers aes128-ctr,blowfish-cbc,3des-cbc
142         Macs hmac-ripemd160,hmac-sha1,umac-64@openssh.com
143         KeepAlive no
144         ForwardAgent no
145         ForwardX11 no
146         Compression no
147         ControlMaster auto
148         ControlPath ~/.ssh/sock-%l/control-%r@%h:%p
149         ##ControlPersist 5m
150         AddressFamily inet
151         ServerAliveInterval 300
152         CheckHostIP no
153         HashKnownHosts no
154
155 ###------ That's all, folks --------------------------------------------------
Ansible configuration for distorted.org.uk hosts