author | mh <mh@immerda.ch> | 2013-01-02 20:55:28 +0100 |
---|---|---|
committer | mh <mh@immerda.ch> | 2013-01-02 20:56:27 +0100 |
commit | 23398fc3f0178f73fa3dee5149426b1b28ce3a8a (patch) | |
tree | 2ab3f84da5aa561fa54bdf71a6ca2bd26655e0bc /manifests | |
parent | 6321144806ec67ff2d5a12df95b00f1250b8fcca (diff) | |
parent | c4913fb3e46624494a0935ec133b25db735afc30 (diff) | |
download | puppet-monkeysphere-23398fc3f0178f73fa3dee5149426b1b28ce3a8a.tar.gz puppet-monkeysphere-23398fc3f0178f73fa3dee5149426b1b28ce3a8a.tar.bz2 |
Merge remote-tracking branch 'vireo/master' into merge
Conflicts:
.gitignore
manifests/init.pp
Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/init.pp | 23 | ||||
-rw-r--r-- | manifests/signer.pp | 4 | ||||
-rw-r--r-- | manifests/sshserver.pp | 29 | ||||
-rw-r--r-- | manifests/sshserverdanger.pp | 11 |
4 files changed, 58 insertions, 9 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index ca73120..853aed7 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -20,11 +20,14 @@ # Class for monkeysphere management # class monkeysphere( - $ssh_port = '', - $publish_key = false + $ssh_port = '', + $publish_key = false, + $ensure_version = 'installed' ) { # The needed packages - package { monkeysphere: ensure => installed, } + package{'monkeysphere': + ensure => $ensure_version, + } $port = $monkeysphere::ssh_port ? { '' => '', @@ -33,12 +36,14 @@ class monkeysphere( $key = "ssh://${::fqdn}${port}" - file { "/usr/local/sbin/monkeysphere-check-key": - ensure => present, - owner => root, - group => root, - mode => 0755, - content => "#!/bin/bash\n/usr/bin/gpg --homedir /var/lib/monkeysphere/host --list-keys '=${key}' &> /dev/null || false", + common::module_dir { [ "monkeysphere", "monkeysphere/hosts", "monkeysphere/plugins" ]: } + file { + '/usr/local/sbin/monkeysphere-check-key': + ensure => present, + owner => root, + group => root, + mode => 0755, + content => "#!/bin/bash\n/usr/bin/gpg --homedir /var/lib/monkeysphere/host --list-keys '=${key}' &> /dev/null || false", } # Server host key publication diff --git a/manifests/signer.pp b/manifests/signer.pp new file mode 100644 index 0000000..350b4be --- /dev/null +++ b/manifests/signer.pp @@ -0,0 +1,4 @@ +class monkeysphere::signer inherits monkeysphere +{ + File <<| tag == 'monkeysphere-host' |>> +} diff --git a/manifests/sshserver.pp b/manifests/sshserver.pp new file mode 100644 index 0000000..966e136 --- /dev/null +++ b/manifests/sshserver.pp 
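Review bot: In manifests/signer.pp the collector `File <<| tag == 'monkeysphere-host' |>>` realizes every exported file carrying that tag, whatever its path, owner or content, so the signer host ends up trusting every node that can export resources into the storeconfigs backend. The exporting side in manifests/sshserver.pp also builds the target path from the node-reported `${fqdn}` fact. Pinning attributes on collection would narrow this, e.g. `File <<| tag == 'monkeysphere-host' |>> { owner => root, group => root, mode => '0644' }`. A header comment on the class should also state that it may only be applied where every exporting node is trusted.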
@@ -0,0 +1,29 @@
+class monkeysphere::sshserver inherits monkeysphere
+{
+
+ exec {"import.hostkey":
+ command => "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ssh://${fqdn} && echo Y | /usr/sbin/monkeysphere-host publish-key",
+ unless => "/usr/sbin/monkeysphere-host show-key",
+ user => root,
+ require => [ Package[ "monkeysphere" ] ],
+ }
+
+ if $monkeysphere_has_hostkey {
+ @@file { "/var/lib/puppet/modules/monkeysphere/hosts/${fqdn}":
+ ensure => present,
+ content => template("monkeysphere/host.erb" ),
+ require => [ Package[ "monkeysphere" ] ],
+ tag => 'monkeysphere-host',
+ }
+ }
+
+ file { "/etc/cron.d/update-monkeysphere-auth":
+ ensure => present,
+ source => "puppet:///modules/monkeysphere/etc/cron.d/update-monkeysphere-auth",
+ require => [ Package[ "monkeysphere" ] ],
+ mode => 0644,
+ owner => root,
+ group => root,
+ }
+
+}
diff --git a/manifests/sshserverdanger.pp b/manifests/sshserverdanger.pp
new file mode 100644
index 0000000..7d7f12c
--- /dev/null
+++ b/manifests/sshserverdanger.pp
@@ -0,0 +1,11 @@
+class monkeysphere::sshserverdanger inherits monkeysphere::sshserver
+{
+ augeas { "sshd_config":
+ context => "/files/etc/ssh/sshd_config",
+ changes => [
+ "set AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u"
+ ],
+ notify => Service[ "ssh" ],
+ }
+
+}
|
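Review bot: In manifests/sshserver.pp the `import.hostkey` exec publishes the host key on every node that includes the class, with `echo Y |` answering the confirmation prompt, and it never consults the `$publish_key` parameter that manifests/init.pp declares with a default of `false`. The same command builds the user ID as `ssh://${fqdn}` while init.pp computes `$key = "ssh://${::fqdn}${port}"`, so with a non-empty `ssh_port` the imported key would not match what monkeysphere-check-key looks up. I would restrict the exec to the import, `command => "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ${monkeysphere::key}",`, and leave publication to the section under `# Server host key publication` in init.pp. That section lies outside this diff, so whether it honours `$publish_key` needs confirming.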
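Review bot: In manifests/sshserverdanger.pp the augeas resource points `AuthorizedKeysFile` solely at `/var/lib/monkeysphere/authorized_keys/%u` and restarts sshd through `notify`, but nothing orders it after those per-user files exist; they appear to be generated later by the cron job installed in the parent class. Until that job has run, key-based logins would fail, because sshd no longer reads its default per-user key files. Adding `require => File['/etc/cron.d/update-monkeysphere-auth'],` and a one-off run of `monkeysphere-authentication update-users` ahead of the restart would close the gap, and a header comment should spell out why the class is named "danger". `Service[ "ssh" ]` is not declared anywhere in this diff, so the class also relies on another module providing it.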