Diffstat (limited to 'manifests/init.pp')
-rw-r--r-- | manifests/init.pp | 49 |
1 files changed, 26 insertions, 23 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index d5358b5..a58faec 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,18 +1,18 @@
 # This module is distributed under the GNU Affero General Public License:
-#
+#
 # Monkeysphere module for puppet
 # Copyright (C) 2009-2010 Sarava Group
-#
+#
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as
 # published by the Free Software Foundation, either version 3 of the
 # License, or any later version.
-#
+#
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU Affero General Public License for more details.
-#
+#
 # You should have received a copy of the GNU Affero General Public License
 # along with this program. If not, see <http://www.gnu.org/licenses/>.
@@ -20,9 +20,28 @@
 # Class for monkeysphere management
 #
-class monkeysphere inherits monkeysphere::defaults {
+class monkeysphere(
+ $ssh_port = '',
+ $publish_key = false,
+ $ensure_version = 'installed',
+ $keyserver = 'pool.sks-keyservers.net'
+) {
 # The needed packages
- package { monkeysphere: ensure => installed, }
+ package{'monkeysphere':
+ ensure => $ensure_version,
+ }
+
+ $key = "ssh://${::fqdn}${port}"
+
+ common::module_dir { [ 'monkeysphere', 'monkeysphere/hosts', 'monkeysphere/plugins' ]: }
+ # This was the old way which the module checked monkeysphere keys
+ file { "/usr/local/sbin/monkeysphere-check-key":
+ ensure => absent,
+ owner => root,
+ group => root,
+ mode => 0755,
+ content => "#!/bin/bash\n/usr/bin/gpg --homedir /var/lib/monkeysphere/host --list-keys '=$key' &> /dev/null || false",
+ }
 file { "monkeysphere_conf":
 path => "/etc/monkeysphere/monkeysphere.conf",
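Review bot: The added line `$key = "ssh://${::fqdn}${port}"` interpolates `${port}`, but the new class signature declares `$ssh_port` and nothing visible in this hunk defines `$port` in class scope, so the port part of the user ID would presumably come out empty, or fail compilation where strict variable checking is enabled. If the parameter was meant, the line would read `$key = "ssh://${::fqdn}${ssh_port}"`; whether `$ssh_port` is expected to carry its own leading `:` is not visible here and is worth a comment on the parameter. In this hunk `$key` is only read by the `ensure => absent` file resource, but if it is also used further down the class or in a template, a host on a non-default SSH port would be checked against an identity it never certified. The class body continues past the end of the hunk, so any later use of `$key`, `$ssh_port` and `$publish_key` cannot be confirmed from here.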
@@ -45,22 +64,6 @@ class monkeysphere inherits monkeysphere::defaults {
 content => template("monkeysphere/monkeysphere-authentication.conf.erb"),
 require => Package['monkeysphere'],
 }
-
- # This was the old way which the module checked monkeysphere keys
- file { "/usr/local/sbin/monkeysphere-check-key":
- ensure => absent,
- owner => root,
- group => root,
- mode => 0755,
- content => "#!/bin/bash\n/usr/bin/gpg --homedir /var/lib/monkeysphere/host --list-keys '=$key' &> /dev/null || false",
- }
-}
-
-class monkeysphere::defaults {
- $keyserver = $monkeysphere_keyserver ? {
- '' => 'pool.sks-keyservers.net',
- default => $monkeysphere_keyserver
- }
 }
 define monkeysphere::import_key ( $scheme = 'ssh://', $port = '', $path = '/etc/ssh/ssh_host_rsa_key', $hostname = $fqdn ) {
@@ -80,7 +83,7 @@ define monkeysphere::import_key ( $scheme = 'ssh://', $port = '', $path = '/etc/
 }
 }
-# Server host key publication
+ # Server host key publication
 define monkeysphere::publish_server_keys ( $keyid = '--all' ) {
 exec { "monkeysphere-host publish-keys $keyid":
 environment => "MONKEYSPHERE_PROMPT=false", |