Add the trusted source as class parameter

Remove the hardcoded puppetmaster.openstack.org value
from the template but keep it as default parameter
value for ssh class.

Change-Id: I4b07f78ed455841cc2301227e42222ca96b24821

manifests/init.pp

@@ -1,6 +1,6 @@
 # == Class: ssh
 #
-class ssh {
+class ssh ($trusted_ssh_source = 'puppetmaster.openstack.org') {
     include ssh::params
     package { $::ssh::params::package_name:
       ensure => present,

templates/sshd_config.erb

@@ -86,5 +86,5 @@ Subsystem sftp <%= scope.lookupvar('::ssh::params::sftp_path') %>
 UsePAM yes
 
 # allow ansible connections from puppetmaster host
-Match host puppetmaster.openstack.org
+Match host <%= @trusted_ssh_source %>
     PermitRootLogin without-password