diff options
| author | Matt Taggart <taggart@riseup.net> | 2015-01-22 12:11:04 -0800 |
|---|---|---|
| committer | Matt Taggart <taggart@riseup.net> | 2015-04-16 21:14:53 +0000 |
| commit | ef821fad2dda052fd60255e7c6e3a199d536fa69 (patch) | |
| tree | 4411c331ff451955582e9221fdfe4011f08c91ba /manifests/agent | |
| parent | 3736a2b0a2b33bc00231d7222a65ae33af5a43c9 (diff) | |
we don't need to check $authfile, puppet will do the right thing
Conflicts:
manifests/agent/generate_sshkey.pp
Diffstat (limited to 'manifests/agent')
| -rw-r--r-- | manifests/agent/config.pp | 20 | ||||
| -rw-r--r-- | manifests/agent/generate_sshkey.pp | 27 |
2 files changed, 12 insertions, 35 deletions
diff --git a/manifests/agent/config.pp b/manifests/agent/config.pp index 934a05f..36f2910 100644 --- a/manifests/agent/config.pp +++ b/manifests/agent/config.pp @@ -37,21 +37,11 @@ class check_mk::agent::config ( } 'ssh' : { if $generate_sshkey { - if $authfile { - # if authfile is overridden, pass it through - check_mk::agent::generate_sshkey { "check_mk_key_${::fqdn}": - keydir => $keydir, - authdir => $authdir, - authfile => $authfile, - sshuser => $sshuser - } - } else { - # otherwise don't - check_mk::agent::generate_sshkey { "check_mk_key_${::fqdn}": - keydir => $keydir, - authdir => $authdir, - sshuser => $sshuser - } + check_mk::agent::generate_sshkey { "check_mk_key_${::fqdn}": + keydir => $keydir, + authdir => $authdir, + authfile => $authfile, + sshuser => $sshuser } } diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp index 68c3bf1..71b58e9 100644 --- a/manifests/agent/generate_sshkey.pp +++ b/manifests/agent/generate_sshkey.pp @@ -34,26 +34,13 @@ define check_mk::agent::generate_sshkey ( # setup the public half of the key in authorized_keys on the agent # and restrict it to running only the agent - if $authdir or $authfile { - # if $authkey or $authdir are set, override authorized_keys path and file - # and also override using the built-in ssh_authorized_key since it may - # not be able to write to $authdir - sshd::ssh_authorized_key { $ssh_key_name: - type => 'ssh-rsa', - key => $public_key, - user => $sshuser, - target => "${authdir}/${authfile}", - override_builtin => true, - options => "command=\"${command}\""; - } - } else { - # otherwise use the defaults - sshd::ssh_authorized_key { $ssh_key_name: - type => 'ssh-rsa', - key => $public_key, - user => 'root', - options => "command=\"${command}\""; - } + sshd::ssh_authorized_key { $ssh_key_name: + type => 'ssh-rsa', + key => $public_key, + user => $sshuser, + target => "${authdir}/${authfile}", + override_builtin => true, + options => "command=\"${command}\""; } # resource collector for the private half of the keys, these end up on |