-rw-r--r-- | manifests/init.pp | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index 569b234..7b14e8b 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -90,6 +90,18 @@ class sshd::base {
 content => template("sshd/sshd_config/${operatingsystem}_normal.erb"),
 notify => Service[sshd],
 }
+ # Now add the key, if we've got one
+ case $sshrsakey_key {
+ '': { info("no sshrsakey on $fqdn") }
+ default: {
+ @@sshkey{"$hostname.$domain":
+ type => ssh-rsa,
+ key => $sshrsakey_key,
+ ensure => present,
+ require => Package["openssh-clients"],
+ }
+ }
+ }
 service{'sshd':
 name => 'sshd',
 enable => true,
@@ -154,12 +166,40 @@ class sshd::openbsd inherits sshd::base {
 }
 ### defines
+# wrapper to have some defaults.
+define sshd::ssh_authorized_key(
+ $type = 'ssh-dss',
+ $key,
+ $user = 'root',
+ $target = undef,
+ $options = 'absent'
+){
+ ssh_authorized_key{$name:
+ type => $type,
+ key => $key,
+ user => $root,
+ target => $target,
+ }
+
+ case $options {
+ 'absent': { info("not setting any option for ssh_authorized_key: $name") }
+ default: {
+ Ssh_authorized_key[$name]{
+ options => $options,
+ }
+ }
+ }
+}
+
+# deprecated!
 define sshd::deploy_auth_key(
 $source = 'present',
 $user = 'root',
 $target_dir = '/root/.ssh/',
 $group = 0 ) {
+ notice("this way of deploying authorized keys is deprecated. use the native ssh_authorized_key instead")
+
 $real_target = $target_dir ? {
 '' => "/home/$user/.ssh/",
 default => $target_dir, |
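Review bot: The exported `@@sshkey` in `sshd::base` carries `require => Package["openssh-clients"]`, and as far as I can tell that relationship is resolved on each node that collects the key, not on the exporting host. A collector that does not declare that package (the OpenBSD subclass further down probably uses a different name) would then fail to compile or apply, so I would drop the `require` from the exported resource and set it where the keys are collected. The entry's name and key (`"$hostname.$domain"`, `$sshrsakey_key`) also look like values each agent reports about itself, so a comment such as `# name and key are self-reported by the node; collectors trust them as-is` would make the known_hosts trust assumption explicit. Quoting the type as `type => 'ssh-rsa',` would avoid relying on bareword parsing. The body of `sshd::base` starts and ends outside this hunk.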
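Review bot: In the new `sshd::ssh_authorized_key` define, `user => $root` references a variable the define never declares; the parameter is `$user`, so the key would be managed with an unset user rather than the account the caller asked for. The line should read `user => $user,`. The default `$type = 'ssh-dss'` makes DSA the key type whenever a caller omits it; consider `'ssh-rsa'` as the default, matching the host-key export in the first hunk, or requiring the type explicitly. `$options` is passed to the resource unchanged, so a comment above the `case` such as `# options are written verbatim into authorized_keys; pass only values from trusted manifests` would help.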