diff options
-rwxr-xr-x | share/hydra/compile | 74 |
1 files changed, 55 insertions, 19 deletions
diff --git a/share/hydra/compile b/share/hydra/compile index 4dd721b..14dd68c 100755 --- a/share/hydra/compile +++ b/share/hydra/compile @@ -26,6 +26,27 @@ NODES="`hydra $HYDRA nodes`" FACTS="$HYDRA_FOLDER/puppet/config/facts" KEYS="$HYDRA_FOLDER/keyring/keys/nodes" +function hydractl_get_yaml_ssh_key { + local file="$1" + local type="$2" + + # Old facted implementation + key="$(grep ssh${type}key: ${file} | cut -d ':' -f 2 | sed -e 's/ //g' -e 's/"//g')" + + if [ ! -z "$key" ]; then + echo $key + return + fi + + # New facter implementation + if [ ! -e "$APP_BASE/vendor/shyaml/shyaml" ]; then + echo "error: missing $APP_BASE/vendor/shyaml installation" + exit 1 + fi + + cat $file | $APP_BASE/vendor/shyaml/shyaml get-value ssh.${type}.key 2> /dev/null +} + echo "Starting a fresh compiled config..." mkdir -p "`dirname $CONFIG`" echo "---" > $CONFIG @@ -52,12 +73,13 @@ echo "sshkeys:" >> $CONFIG for node in $NODES; do if [ -e "$FACTS/${node}.yaml" ]; then - rsakey="$(grep sshrsakey: $FACTS/${node}.yaml | cut -d ':' -f 2 | sed -e 's/ //g' -e 's/"//g')" - sshed25519key="$(grep sshed25519key: $FACTS/${node}.yaml | cut -d ':' -f 2 | sed -e 's/ //g' -e 's/"//g')" - sshecdsakey="$(grep sshecdsakey: $FACTS/${node}.yaml | cut -d ':' -f 2 | sed -e 's/ //g' -e 's/"//g')" + rsakey="`hydractl_get_yaml_ssh_key $FACTS/${node}.yaml rsa`" + sshed25519key="`hydractl_get_yaml_ssh_key $FACTS/${node}.yaml ed25519`" + sshecdsakey="`hydractl_get_yaml_ssh_key $FACTS/${node}.yaml ecdsa`" host_aliases="" ssh_ports="`hydra_hiera_query $node sshd::ports`" + echo $ssh_ports if [ "$ssh_ports" != "nil" ] && [ ! -z "$ssh_ports" ]; then ssh_ports="`echo $ssh_ports | sed -e 's/\[//g' -e 's/\]//g' -e 's/,//g'`" @@ -84,22 +106,36 @@ for node in $NODES; do fi fi - # See [PUP-6589] Resource Type sshkey doesn't allow the declaration of multiple SSH host keys for one host + # In the past that was not possible due to the following issue: + # [PUP-6589] Resource Type sshkey doesn't allow the declaration of multiple SSH host keys for one host # https://tickets.puppetlabs.com/browse/PUP-6589 - #if [ ! -z "$sshed25519key" ]; then - # echo " $node-sshed25519key:" >> $CONFIG - # echo " name : '$node'" >> $CONFIG - # echo " ensure: 'present'" >> $CONFIG - # echo " type : 'ssh-ed25519'" >> $CONFIG - # echo " key : '$sshed25519key'" >> $CONFIG - #fi - - #if [ ! -z "$sshecdsakey" ]; then - # echo " $node-sshecdsakey:" >> $CONFIG - # echo " name : '$node'" >> $CONFIG - # echo " ensure: 'present'" >> $CONFIG - # echo " type : 'ecdsa-sha2-nistp256'" >> $CONFIG - # echo " key : '$sshecdsakey'" >> $CONFIG - #fi + # https://puppet.com/docs/puppet/5.5/types/sshkey.html + if [ ! -z "$sshed25519key" ]; then + echo " sshed25519key-${node}:" >> $CONFIG + #echo " name : '$node'" >> $CONFIG + echo " ensure: 'present'" >> $CONFIG + echo " type : 'ssh-ed25519'" >> $CONFIG + echo " key : '$sshed25519key'" >> $CONFIG + + if [ ! -z "$host_aliases" ]; then + echo " host_aliases : [ $node, $host_aliases ]" >> $CONFIG + else + echo " host_aliases : [ $node ]" >> $CONFIG + fi + fi + + if [ ! -z "$sshecdsakey" ]; then + echo " sshecdsakey-${node}:" >> $CONFIG + #echo " name : '$node'" >> $CONFIG + echo " ensure: 'present'" >> $CONFIG + echo " type : 'ecdsa-sha2-nistp256'" >> $CONFIG + echo " key : '$sshecdsakey'" >> $CONFIG + + if [ ! -z "$host_aliases" ]; then + echo " host_aliases : [ $node, $host_aliases ]" >> $CONFIG + else + echo " host_aliases : [ $node ]" >> $CONFIG + fi + fi fi done |