From d0eea33d88a6ffcbe01544678372d80e8c8de51f Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Fri, 14 Feb 2014 17:38:02 +0100
Subject: Include check_mk monitor pubkey in /root/.ssh/authorized_keys

instead of creating a /root/.ssh/authorized_keys2

see https://review.leap.se/r/148/#comment153
---
 puppet/modules/site_check_mk/manifests/agent.pp        | 7 -------
 puppet/modules/site_sshd/templates/authorized_keys.erb | 4 ++++
 2 files changed, 4 insertions(+), 7 deletions(-)

(limited to 'puppet')

diff --git a/puppet/modules/site_check_mk/manifests/agent.pp b/puppet/modules/site_check_mk/manifests/agent.pp
index ac5a7ebd..75188c7b 100644
--- a/puppet/modules/site_check_mk/manifests/agent.pp
+++ b/puppet/modules/site_check_mk/manifests/agent.pp
@@ -14,12 +14,5 @@ class site_check_mk::agent {
     register_agent              => false
   }
 
-  file { '/root/.ssh/authorized_keys2':
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0600',
-    content => "command=\"/usr/bin/check_mk_agent\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty,no-user-rc, ${type} ${pubkey} monitor"
-  }
-
   include site_check_mk::agent::mrpe
 }
diff --git a/puppet/modules/site_sshd/templates/authorized_keys.erb b/puppet/modules/site_sshd/templates/authorized_keys.erb
index 3c65e8ab..69f4d8e6 100644
--- a/puppet/modules/site_sshd/templates/authorized_keys.erb
+++ b/puppet/modules/site_sshd/templates/authorized_keys.erb
@@ -2,5 +2,9 @@
 # all manually added keys will be overridden
 
 <% keys.sort.each do |user, hash| -%>
+<% if user == 'monitor' -%>
+command="/usr/bin/check_mk_agent",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty,no-user-rc, <%=hash['type']-%> <%=hash['key']%> <%=user%> 
+<% else -%>
 <%=hash['type']-%> <%=hash['key']%> <%=user%> 
+<% end -%>
 <% end -%> 
-- 
cgit v1.2.3