aboutsummaryrefslogtreecommitdiff
path: root/manifests/defines/ssh_config.pp
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2013-04-12 17:09:03 -0300
committerSilvio Rhatto <rhatto@riseup.net>2013-04-12 17:09:03 -0300
commitfe1c86b8f938283e9dd8196a8b11a9648f4b49e6 (patch)
treec2d999eca03862a3e4af57e0885397adf6bbc6ec /manifests/defines/ssh_config.pp
parentec5c750d12bdc7948bb3c04f0c72817718a0bf47 (diff)
downloadpuppet-nodo-fe1c86b8f938283e9dd8196a8b11a9648f4b49e6.tar.gz
puppet-nodo-fe1c86b8f938283e9dd8196a8b11a9648f4b49e6.tar.bz2
Major refactor
Diffstat (limited to 'manifests/defines/ssh_config.pp')
-rw-r--r--manifests/defines/ssh_config.pp26
1 files changed, 26 insertions, 0 deletions
diff --git a/manifests/defines/ssh_config.pp b/manifests/defines/ssh_config.pp
new file mode 100644
index 0000000..62e1d66
--- /dev/null
+++ b/manifests/defines/ssh_config.pp
@@ -0,0 +1,26 @@
+# Manage ssh config for a particular user
+define ssh_config($owner, $home = '/home/$owner', $ssh_localhost_auth = false) {
+ include nodo::subsystem::ssh_folder
+
+ file { "${home}/.ssh/config":
+ ensure => present,
+ owner => $owner,
+ group => $group,
+ mode => 0600,
+ require => File["${home}/.ssh"],
+ }
+
+ # The NoHostAuthenticationForLocalhost ssh option might be useful
+ # for automated deployment environments so your ikiwiki user doesn't
+ # get stuck with the fingerprint confirmation prompt when pushing
+ # content via ssh in the first time it runs.
+ line { 'NoHostAuthenticationForLocalhost-${owner}':
+ file => "${home}/.ssh/config",
+ line => "NoHostAuthenticationForLocalhost yes",
+ ensure => $ssh_localhost_auth ? {
+ 'auto' => present,
+ 'fingerprint' => absent,
+ default => absent,
+ },
+ }
+}