From 9a4c41ca7a1312af74a8ee9f1c7f07e22352f7d3 Mon Sep 17 00:00:00 2001
From: Jamie McClelland
Date: Sat, 19 Mar 2011 01:17:01 -0400
Subject: adding ability to specify a key server.
---
 manifests/init.pp | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index d9dc98e..2d4bd61 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -25,10 +25,18 @@ class monkeysphere {
 }
+class monkeysphere::defaults inherits monkeysphere {
+ $keyserver = $monkeysphere_keyserver ? {
+ '' => "pool.sks-keyservers.net",
+ default => $monkeysphere_keyserver,
+ }
+}
+
 class monkeysphere::import_key inherits monkeysphere {
 $key = "ssh://${fqdn}"
 # Server host key import
 exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key $key":
+ alias => "monkeysphere-import-key",
 user => "root",
 unless => "/usr/sbin/monkeysphere-host s | grep $key"
 }
@@ -36,6 +44,7 @@ class monkeysphere::import_key inherits monkeysphere {
 # Server host key publication
 class monkeysphere::publish_key inherits monkeysphere {
+ include monkeysphere::defaults
 $no_publish = $monkeysphere_no_publish ? {
 '' => '',
 default => $monkeysphere_no_publish
@@ -44,7 +53,7 @@ class monkeysphere::publish_key inherits monkeysphere {
 info("Not publishing $fqdn monkeysphere key")
 } else {
 exec { "/usr/sbin/monkeysphere-host publish-key":
- environment => "MONKEYSPHERE_PROMPT=false",
+ environment => [ "MONKEYSPHERE_PROMPT=false", "MONKEYSPHERE_KEYSERVER=$keyserver" ],
 user => "root",
 }
 }
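Review bot: The new `monkeysphere::defaults` class carries no comment telling operators that `$monkeysphere_keyserver` is the setting to override, and its fallback is a public keyserver pool given as a bare hostname. The keys retrieved through that server feed `update-users root` in the last hunk, so the choice of server affects how promptly key updates and revocations reach root's authorized keys, even if key validity is presumably still decided by the configured certifiers. I would add a comment above the class such as `# $monkeysphere_keyserver: keyserver used to publish the host key and refresh user keys; defaults to the public SKS pool, set it to a server you operate where revocation freshness matters`.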
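Review bot: `$keyserver` in the `publish-key` exec's `environment` is assigned only inside `monkeysphere::defaults`, and `include monkeysphere::defaults` does not bring that class's variables into the including scope, so as far as these lines show the exec would run with an empty `MONKEYSPHERE_KEYSERVER=`. A site that sets `$monkeysphere_keyserver` to its own server would then silently not get it, and what the tools fall back to is not visible here. Referring to the variable by its qualified name avoids depending on scope lookup: `"MONKEYSPHERE_KEYSERVER=${monkeysphere::defaults::keyserver}"`. The same applies to the `add_certifiers` hunk and to the `root_authorized_user_ids` hunk, where no `include monkeysphere::defaults` is visible at all (that define starts outside the hunk).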
@@ -52,10 +61,11 @@ class monkeysphere::publish_key inherits monkeysphere {
 # add certifiers
 define monkeysphere::add_certifiers( $keyid ) {
+ include monkeysphere::defaults
 exec { "/usr/sbin/monkeysphere-authentication add-id-certifier $keyid":
- environment => "MONKEYSPHERE_PROMPT=false",
+ environment => [ "MONKEYSPHERE_PROMPT=false", "MONKEYSPHERE_KEYSERVER=$keyserver" ],
 user => "root",
- require => [ Package["monkeysphere"] ],
+ require => [ Package["monkeysphere"], Exec["monkeysphere-import-key"] ],
 unless => "/usr/sbin/monkeysphere-authentication list-id-certifiers | grep $keyid"
 }
 }
@@ -77,6 +87,7 @@ define monkeysphere::root_authorized_user_ids( $file ) {
 recurse => true,
 }
 exec { "/usr/sbin/monkeysphere-authentication update-users root":
+ environment => "MONKEYSPHERE_KEYSERVER=$keyserver",
 user => "root",
 require => [ Package["monkeysphere"] ],
 onlyif => "/usr/bin/test /root/.monkeysphere/authorized_user_ids -nt /var/lib/monkeysphere/authorized_keys/root"
-- 
cgit v1.2.3
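Review bot: The added `Exec["monkeysphere-import-key"]` entry in the `require` of `monkeysphere::add_certifiers` only resolves when `monkeysphere::import_key` is part of the same catalog, and the define does not include that class. A node that declares a certifier without also including `monkeysphere::import_key` would presumably fail on the missing dependency, unless the class is pulled in somewhere outside this diff. Either add `include monkeysphere::import_key` next to the new `include monkeysphere::defaults` line, or state the requirement above the define, e.g. `# requires class monkeysphere::import_key: the host key must be imported before certifiers are added`.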