summaryrefslogtreecommitdiff
path: root/manifests/agent
diff options
context:
space:
mode:
authorMatt Taggart <taggart@riseup.net>2015-01-22 12:11:04 -0800
committerMatt Taggart <taggart@riseup.net>2015-04-16 21:14:53 +0000
commitef821fad2dda052fd60255e7c6e3a199d536fa69 (patch)
tree4411c331ff451955582e9221fdfe4011f08c91ba /manifests/agent
parent3736a2b0a2b33bc00231d7222a65ae33af5a43c9 (diff)
we don't need to check $authfile, puppet will do the right thing
Conflicts: manifests/agent/generate_sshkey.pp
Diffstat (limited to 'manifests/agent')
-rw-r--r--manifests/agent/config.pp20
-rw-r--r--manifests/agent/generate_sshkey.pp27
2 files changed, 12 insertions, 35 deletions
diff --git a/manifests/agent/config.pp b/manifests/agent/config.pp
index 934a05f..36f2910 100644
--- a/manifests/agent/config.pp
+++ b/manifests/agent/config.pp
@@ -37,21 +37,11 @@ class check_mk::agent::config (
}
'ssh' : {
if $generate_sshkey {
- if $authfile {
- # if authfile is overridden, pass it through
- check_mk::agent::generate_sshkey { "check_mk_key_${::fqdn}":
- keydir => $keydir,
- authdir => $authdir,
- authfile => $authfile,
- sshuser => $sshuser
- }
- } else {
- # otherwise don't
- check_mk::agent::generate_sshkey { "check_mk_key_${::fqdn}":
- keydir => $keydir,
- authdir => $authdir,
- sshuser => $sshuser
- }
+ check_mk::agent::generate_sshkey { "check_mk_key_${::fqdn}":
+ keydir => $keydir,
+ authdir => $authdir,
+ authfile => $authfile,
+ sshuser => $sshuser
}
}
diff --git a/manifests/agent/generate_sshkey.pp b/manifests/agent/generate_sshkey.pp
index 68c3bf1..71b58e9 100644
--- a/manifests/agent/generate_sshkey.pp
+++ b/manifests/agent/generate_sshkey.pp
@@ -34,26 +34,13 @@ define check_mk::agent::generate_sshkey (
# setup the public half of the key in authorized_keys on the agent
# and restrict it to running only the agent
- if $authdir or $authfile {
- # if $authkey or $authdir are set, override authorized_keys path and file
- # and also override using the built-in ssh_authorized_key since it may
- # not be able to write to $authdir
- sshd::ssh_authorized_key { $ssh_key_name:
- type => 'ssh-rsa',
- key => $public_key,
- user => $sshuser,
- target => "${authdir}/${authfile}",
- override_builtin => true,
- options => "command=\"${command}\"";
- }
- } else {
- # otherwise use the defaults
- sshd::ssh_authorized_key { $ssh_key_name:
- type => 'ssh-rsa',
- key => $public_key,
- user => 'root',
- options => "command=\"${command}\"";
- }
+ sshd::ssh_authorized_key { $ssh_key_name:
+ type => 'ssh-rsa',
+ key => $public_key,
+ user => $sshuser,
+ target => "${authdir}/${authfile}",
+ override_builtin => true,
+ options => "command=\"${command}\"";
}
# resource collector for the private half of the keys, these end up on