From c42d24d3b963bd1bf39e6bb6ceb1f0b5392da524 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto
Date: Sun, 13 Apr 2014 18:57:08 -0300
Subject: Manage ssh private keys with ssh_local_key
---
 manifests/init.pp | 27 +++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)
(limited to 'manifests')
diff --git a/manifests/init.pp b/manifests/init.pp
index 68c2591..34d8c88 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -193,7 +193,7 @@ class backup(
 }
 # default backupninja::rdiff configuration
- define rdiff($port = '22', $ensure = present, $installkey = true) {
+ define rdiff($port = '22', $ensure = present) {
 backupninja::rdiff { "rdiff-$title.$domain":
 ensure => $ensure,
 options => "--remote-schema 'ssh -p $port -C %s rdiff-backup --server'",
@@ -208,27 +208,34 @@ class backup(
 subfolder => "rdiff",
 user => "$hostname",
 sshoptions => "-p $port",
- installkey => $installkey,
+ installkey => false,
 backupkeytype => "rsa",
- backupkeystore => "puppet:///ssh",
+ backupkeystore => "puppet:///pubkeys",
+ }
+
+ if !defined(Ssh_local_key['backup']) {
+ ssh_local_key { 'backup':
+ owner => root,
+ group => root,
+ home => /root,
+ }
 }
 }
 define rsync($port = '22', $ensure = present,
- $installkey = true,
 $bandwidthlimit = false, $use_domain = $::domain, $use_fqdn = $::fqdn) {
 backupninja::rsync { "rsync-$title.$use_domain":
 # [general]
 ensure => $ensure,
- installkey => $installkey,
+ installkey => false,
 home => "$backupdir/remote/$use_fqdn",
 backupdir => "$backupdir/remote/$use_fqdn/rsync",
 backupkeytype => "rsa",
 id_file => "/root/.ssh/id_rsa",
- backupkeystore => "puppet:///ssh",
+ backupkeystore => "puppet:///pubkeys",
 keepdaily => '4',
 keepweekly => '2',
 keepmonthly => '2',
@@ -246,6 +253,14 @@ class backup(
 compress => '1',
 testconnect => 'yes',
 }
+
+ if !defined(Ssh_local_key['backup']) {
+ ssh_local_key { 'backup':
+ owner => root,
+ group => root,
+ home => /root,
+ }
+ }
 }
 # local backups using duplicity
-- 
cgit v1.2.3
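Review bot: Dropping `$installkey` from the `rdiff` signature is a breaking interface change: any existing declaration that still passes `installkey => ...` will be rejected at catalog compile time as an unknown parameter, and the `rsync` define loses the same parameter in the next hunk. If the intent is that private keys are never again pulled from the file server, say so above the define, e.g. `# private keys are handled by ssh_local_key; installkey is always false`. The body of `rdiff` continues outside this hunk.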
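Review bot: `home => /root,` in the added `ssh_local_key { 'backup': ... }` block is an unquoted path, and `/` does not start a bareword in the Puppet DSL, so the line will most likely fail to parse or be read as the start of a regex. It should be `home => '/root',`. The identical line appears in the block added to `rsync` in the last hunk and needs the same fix. The `backupninja::rdiff` resource this hunk edits begins outside the hunk.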
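Review bot: The `if !defined(Ssh_local_key['backup'])` guard is now copied into both `rdiff` and `rsync`, and `defined()` depends on evaluation order, so the manifest does not show which define ends up declaring root's backup key. Declaring `ssh_local_key { 'backup': }` once in the enclosing `backup` class (its body is outside these hunks) would remove both guards. `rsync` also still hard-codes `id_file => "/root/.ssh/id_rsa"`; presumably that is where `ssh_local_key` writes the key, but this is not visible here, so a comment such as `# id_file must match the key created by Ssh_local_key['backup']` would tie the two together.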