diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2015-09-11 21:16:42 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2015-09-11 21:16:42 -0300 |
commit | 76ec4642be1a8bc64380c077a5890c4d0f4243e0 (patch) | |
tree | e31930271b7eefb3c3d693264e012e8ff45832ae /manifests/subsystem/ssh/config.pp | |
parent | 6509060a791daeeee13c40f9367489ac5e00880e (diff) | |
download | puppet-nodo-76ec4642be1a8bc64380c077a5890c4d0f4243e0.tar.gz puppet-nodo-76ec4642be1a8bc64380c077a5890c4d0f4243e0.tar.bz2 |
Autoload definitions
Diffstat (limited to 'manifests/subsystem/ssh/config.pp')
-rw-r--r-- | manifests/subsystem/ssh/config.pp | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/manifests/subsystem/ssh/config.pp b/manifests/subsystem/ssh/config.pp new file mode 100644 index 0000000..6c9fbc3 --- /dev/null +++ b/manifests/subsystem/ssh/config.pp @@ -0,0 +1,35 @@ +# Manage ssh config for a particular user +define nodo::subsystem::ssh::config( + $owner, + $group, + $home = '/home/$owner', + $ssh_localhost_auth = false +) { + nodo::subsystem::ssh::folder { "ssh-config-${name}": + home => $home, + owner => $owner, + group => $group, + } + + file { "${home}/.ssh/config": + ensure => present, + owner => $owner, + group => $group, + mode => 0600, + require => File["${home}/.ssh"], + } + + # The NoHostAuthenticationForLocalhost ssh option might be useful + # for automated deployment environments so your ikiwiki user doesn't + # get stuck with the fingerprint confirmation prompt when pushing + # content via ssh in the first time it runs. + line { 'NoHostAuthenticationForLocalhost-${owner}': + file => "${home}/.ssh/config", + line => "NoHostAuthenticationForLocalhost yes", + ensure => $ssh_localhost_auth ? { + 'auto' => present, + 'fingerprint' => absent, + default => absent, + }, + } +} |