Support for binding on multiple addresses and ports
diff --git a/README.rst b/README.rst
index eab4d06..33c051c 100644
--- a/README.rst
+++ b/README.rst
@@ -84,6 +84,19 @@
public_keys:
- ${public_keys:newt}
+You can also bind openssh on multiple addresses and ports:
+
+.. code-block:: yaml
+
+ openssh:
+ server:
+ enabled: true
+ binds:
+ - address: 127.0.0.1
+ port: 22
+ - address: 192.168.1.1
+ port: 2222
+
OpenSSH server for use with FreeIPA
.. code-block:: yaml
diff --git a/openssh/files/sshd_config b/openssh/files/sshd_config
index bd95493..705f8d7 100755
--- a/openssh/files/sshd_config
+++ b/openssh/files/sshd_config
@@ -3,13 +3,17 @@
# Package generated configuration file
# See the sshd_config(5) manpage for details
+{%- if server.binds is defined %}
+{%- for bind in server.binds %}
+ListenAddress {{ bind.address|default("0.0.0.0") }}:{{ bind.port|default("22") }}
+{%- endfor %}
+{%- else %}
# What ports, IPs and protocols we listen for
Port {{ server.bind.port }}
# Use these options to restrict which interfaces/protocols sshd will bind to
-#ListenAddress ::
-#ListenAddress 0.0.0.0
ListenAddress {{ server.bind.address }}
+{%- endif %}
Protocol 2
# HostKeys for protocol version 2