| author | Jamie McClelland <jm@mayfirst.org> | 2011-03-04 15:20:05 -0500 | 
|---|---|---|
| committer | Jamie McClelland <jm@mayfirst.org> | 2011-03-04 15:20:05 -0500 | 
| commit | 26dbee78df014daa94b40b00b11c20b2f46721d7 (patch) | |
| tree | aabbebfa136b839859d3feb402667ba50845b747 /manifests | |
| parent | 28ee8f4e7d762bdc5eb061f2bbfad35a9dff7037 (diff) | |
updates to work with mfpl monkeysphere setup
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/init.pp | 68 | 
1 files changed, 46 insertions, 22 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index a4e60ad..d873237 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,7 +1,7 @@
 # This module is distributed under the GNU Affero General Public License:
 # 
 # Monkeysphere module for puppet
-# Copyright (C) 2009 Sarava Group
+# Copyright (C) 2009-2010 Sarava Group
 # 
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as 
@@ -23,29 +23,53 @@ class monkeysphere {
   # The needed packages
   package { monkeysphere: ensure => installed, }
-  $ssh_port = $monkeysphere_ssh_port ? {
-    ''      => '',
-    default => ":$monkeysphere_ssh_port",
+}
+
+class monkeysphere::import_key inherits monkeysphere {
+  $key = "ssh://${fqdn}"
+  # Server host key import 
+  exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key $key":
+	user    => "root",
+	unless => "/usr/sbin/monkeysphere-host s | grep $key"
   }
+}
-  $key = "ssh://${fqdn}${ssh_port}"
+# Server host key publication
+class monkeysphere::publish_key inherits monkeysphere { 
+  exec { "MONKEYSPHERE_PROMPT=false $keyserver_arg /usr/sbin/monkeysphere-host publish-key":
+	user    => "root",
+  }
+}
-  # Server host key publication
-  case $monkeysphere_publish_key {
-    false: {
-             exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key $key":
-               unless  => "/usr/bin/gpg --homedir /var/lib/monkeysphere/host --list-keys '=$key' &> /dev/null",
-               user    => "root",
-               require => Package["monkeysphere"],
-             }
-           }
-    default: {
-            exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key $key && \
-                    /usr/sbin/monkeysphere-host publish-key":
-              unless  => "/usr/bin/gpg --homedir /var/lib/monkeysphere/host --list-keys '=$key' &> /dev/null",
-              user    => "root",
-              require => Package["monkeysphere"],
-            }
-          }
+# add certifiers
+define monkeysphere::add_certifiers( $keyid ) {
+  exec { "/usr/sbin/monkeysphere-authentication add-id-certifier $keyid":
+	environment => "MONKEYSPHERE_PROMPT=false",
+	user    => "root",
+	require => [ Package["monkeysphere"] ],
+	unless => "/usr/sbin/monkeysphere-authentication list-id-certifiers | grep $keyid"
+  }
+}
+define monkeysphere::root_authorized_user_ids( $file ) {
+  file {
+    "/root/.monkeysphere":
+      owner => "root",
+      group => "root",
+      mode => 755,
+      ensure => directory,
+  }
+  file {
+    "/root/.monkeysphere/authorized_user_ids":
+      owner => "root",
+      group => "root",
+      mode => 644,
+      source => "$file",
+      ensure => present,
+      recurse => true,
+  }
+  exec { "/usr/sbin/monkeysphere-authentication update-users root":
+	user    => "root",
+	require => [ Package["monkeysphere"] ],
+        onlyif => "/usr/bin/test /root/.monkeysphere/authorized_user_ids -nt /var/lib/monkeysphere/authorized_keys/root" 
   }
 }
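Review bot: `monkeysphere::add_certifiers` runs `add-id-certifier $keyid` with `MONKEYSPHERE_PROMPT=false`, so the confirmation step is skipped and nothing in the define requires `$keyid` to be a full fingerprint rather than a short key ID. Since identity certifiers decide whose user IDs are accepted for login, I would reject anything else before the exec, e.g. `if $keyid !~ /^[0-9A-Fa-f]{40}$/ { fail("monkeysphere::add_certifiers: keyid must be a full 40-hex fingerprint") }`, and state that requirement in a comment on the define. The `unless` guards here and in `import_key` pipe into an unanchored `grep` on an interpolated value, where the dots in `$key` match any character and a substring hit counts as "already done"; a fixed-string match (`grep -F`) would be safer, assuming the listing prints the value in the same form. Separately, the `update-users root` exec in `root_authorized_user_ids` requires only the package, so it may be evaluated before the `authorized_user_ids` file is replaced and a removed user ID could stay authorized until the next run; adding `File["/root/.monkeysphere/authorized_user_ids"]` to its `require` would order them.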
