authormh <mh@immerda.ch>2010-12-16 16:22:24 +0100
committermh <mh@immerda.ch>2010-12-16 16:22:24 +0100
commit5c729410824c817325e3d495aac932feda7574b9 (patch)
treee0bbf0fd0a454465493a39667b1f21f1542910cd /lib
parent7e6d3af6f8b207133b3c71f9c714e19b68a4fc4e (diff)
Add a function to create ssh keys on the fly
This allows you to use content of ssh keys within your manifests and generate them automatically if they don't exist yet.
Diffstat (limited to 'lib')
-rw-r--r--lib/puppet/parser/functions/.ssh_keygen.rb.swpbin0 -> 12288 bytes
-rw-r--r--lib/puppet/parser/functions/ssh_keygen.rb23
2 files changed, 23 insertions, 0 deletions
diff --git a/lib/puppet/parser/functions/.ssh_keygen.rb.swp b/lib/puppet/parser/functions/.ssh_keygen.rb.swp
new file mode 100644
index 0000000..b5036fa
--- /dev/null
+++ b/lib/puppet/parser/functions/.ssh_keygen.rb.swp
Binary files differ
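Review bot: `.ssh_keygen.rb.swp` is added as a 12288-byte binary next to `ssh_keygen.rb`, and its name matches the pattern of a Vim swap file, so this looks like an editor artefact committed by accident. Swap files can hold earlier buffer contents and editing metadata, so it is better removed from the commit and `*.swp` added to the repository's ignore list.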
diff --git a/lib/puppet/parser/functions/ssh_keygen.rb b/lib/puppet/parser/functions/ssh_keygen.rb
new file mode 100644
index 0000000..18b006a
--- /dev/null
+++ b/lib/puppet/parser/functions/ssh_keygen.rb
@@ -0,0 +1,23 @@
+Puppet::Parser::Functions::newfunction(:ssh_keygen, :type => :rvalue, :doc =>
+ "Returns an array containing the ssh private and public (in this order) key
+ for a certain private key path.
+ It will generate the keypair if both do not exist. It will also generate
+ the directory hierarchy if required.
+ It accepts only fully qualified paths, everything else will fail.") do |args|
+ raise Puppet::ParseError, "Wrong number of arguments" unless args.to_a.length == 1
+ private_key_path = args
+ raise Puppet::ParseError, "Only fully qualified paths are accepted" unless private_key_path =~ /^\/.+/
+ public_key_path = "#{private_key_path}.pub"
+ raise Puppet::ParseError, "Either only the private or only the public key exists" if File.exists?(private_key_path) ^ File.exists?(public_key_path)
+ [private_key_path,public_key_path].each do |path|
+ raise Puppet::ParseError, "#{path} is a directory" if File.directory?(path)
+ end
+
+ dir = File.dirname(private_key_path)
+ Puppet::Util.recmkdir(dir,0700) unless File.directory?(dir)
+ unless [private_key_path,public_key_path].all?{|path| File.exists?(path) }
+ output = Puppet::Util.execute(['/usr/bin/ssh-keygen','-t', 'rsa', '-b', '4096', '-f', private_key_path, '-P', '', '-q'])
+ raise Puppet::ParseError, "Something went wrong during key generation! Output: #{output}" unless output.empty?
+ end
+ [File.read(private_key_path),File.read(public_key_path)]
+end
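Review bot: `private_key_path = args` assigns the whole argument list (the line before treats `args` as a list via `args.to_a.length`) instead of its single element, so the `=~` test that follows is presumably applied to an Array and every call would fail with "Only fully qualified paths are accepted"; take the element instead, `private_key_path = args.to_a[0]`. The path check also anchors with `^`, which in Ruby matches at the start of any line, so a multi-line value with a later line beginning with `/` would pass; `unless private_key_path =~ /\A\/.+\z/` anchors the whole string and rejects embedded newlines. The `:doc` string could also state that the key is created without a passphrase (`-P ''`) and that the private key content is returned to the manifest, so users know where the secret ends up.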