added support for monitor ssh keys (requires latest leap_cli)

2 files changed, 14 insertions, 2 deletions

diff --git a/platform.rb b/platform.rb
index 60b0d9a5..62fb0215 100644
--- a/platform.rb
+++ b/platform.rb
@@ -3,8 +3,8 @@
 #
 
 Leap::Platform.define do
-  self.version = "0.2.4"
-  self.compatible_cli = "1.2.4".."1.99"
+  self.version = "0.3.0"
+  self.compatible_cli = "1.3.0".."1.99"
 
   #
   # the facter facts that should be gathered
@@ -43,6 +43,8 @@ Leap::Platform.define do
     :user_pgp         => 'users/#{arg}/#{arg}_pgp.pub',
     :known_hosts      => 'files/ssh/known_hosts',
     :authorized_keys  => 'files/ssh/authorized_keys',
+    :monitor_pub_key  => 'files/ssh/monitor_ssh.pub',
+    :monitor_priv_key => 'files/ssh/monitor_ssh',
     :ca_key           => 'files/ca/ca.key',
     :ca_cert          => 'files/ca/ca.crt',
     :client_ca_key    => 'files/ca/client_ca.key',
@@ -73,5 +75,9 @@ Leap::Platform.define do
   self.node_files = [
     :node_config, :hiera, :node_x509_cert, :node_x509_key, :node_ssh_pub_key
   ]
+
+  self.monitor_username = 'monitor'
+
+  self.reserved_usernames = ['monitor']
 end
 
diff --git a/provider_base/services/monitor.json b/provider_base/services/monitor.json
index c3e2b954..b6886603 100644
--- a/provider_base/services/monitor.json
+++ b/provider_base/services/monitor.json
@@ -2,5 +2,11 @@
   "nagios": {
     "nagiosadmin_pw": "= secret :nagios_admin_password",
     "hosts": "= nodes_like_me.pick_fields('domain.internal', 'ip_address', 'services', 'openvpn.gateway_address')"
+  },
+  "ssh": {
+    "monitor": {
+      "username": "= Leap::Platform.monitor_username",
+      "private_key": "= file(:monitor_priv_key)"
+    }
   }
 }