authorSilvio Rhatto <rhatto@riseup.net>2011-02-19 18:08:02 -0200
committerSilvio Rhatto <rhatto@riseup.net>2011-02-19 18:08:02 -0200
commit474b23271d7c4f3b82ca2e7888225e74f87ae7a8 (patch)
treeb2b58dacd66a40f5d27a381439d91006339da5b8 /lib/puppet/parser/functions/ssh_keygen.rb
parentac30247bf9d7ea57c01cc5ad743e2788f6e8ea0d (diff)
parente0d3cdbd36bf1d06984240da216b4492efc4e69d (diff)
Merge branch 'master' of git://labs.riseup.net/shared-sshd
Conflicts: templates/sshd_config/Debian_squeeze.erb
Diffstat (limited to 'lib/puppet/parser/functions/ssh_keygen.rb')
-rw-r--r--lib/puppet/parser/functions/ssh_keygen.rb23
1 files changed, 23 insertions, 0 deletions
diff --git a/lib/puppet/parser/functions/ssh_keygen.rb b/lib/puppet/parser/functions/ssh_keygen.rb
new file mode 100644
index 0000000..09b3d3b
--- /dev/null
+++ b/lib/puppet/parser/functions/ssh_keygen.rb
@@ -0,0 +1,23 @@
+Puppet::Parser::Functions::newfunction(:ssh_keygen, :type => :rvalue, :doc =>
+ "Returns an array containing the ssh private and public (in this order) key
+ for a certain private key path.
+ It will generate the keypair if both do not exist. It will also generate
+ the directory hierarchy if required.
+ It accepts only fully qualified paths, everything else will fail.") do |args|
+ raise Puppet::ParseError, "Wrong number of arguments" unless args.to_a.length == 1
+ private_key_path = args.to_a[0]
+ raise Puppet::ParseError, "Only fully qualified paths are accepted (#{private_key_path})" unless private_key_path =~ /^\/.+/
+ public_key_path = "#{private_key_path}.pub"
+ raise Puppet::ParseError, "Either only the private or only the public key exists" if File.exists?(private_key_path) ^ File.exists?(public_key_path)
+ [private_key_path,public_key_path].each do |path|
+ raise Puppet::ParseError, "#{path} is a directory" if File.directory?(path)
+ end
+
+ dir = File.dirname(private_key_path)
+ Puppet::Util.recmkdir(dir,0700) unless File.directory?(dir)
+ unless [private_key_path,public_key_path].all?{|path| File.exists?(path) }
+ output = Puppet::Util.execute(['/usr/bin/ssh-keygen','-t', 'rsa', '-b', '4096', '-f', private_key_path, '-P', '', '-q'])
+ raise Puppet::ParseError, "Something went wrong during key generation! Output: #{output}" unless output.empty?
+ end
+ [File.read(private_key_path),File.read(public_key_path)]
+end
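Review bot: The fully-qualified-path check `private_key_path =~ /^\/.+/` anchors with `^`, which in Ruby matches at the start of any line, so a value containing a newline passes whenever one of its later lines begins with `/`, even though the string itself is relative. Anchor the whole string instead: `unless private_key_path =~ /\A\/.+/`. The check also accepts `..` segments, so the directory created by `recmkdir` and the files read at the end can resolve outside the intended key location; if manifests can pass non-literal values here, comparing against `File.expand_path(private_key_path)` or a fixed base directory would close that. The doc string should also state that the function returns the passphrase-less private key (generated with `-P ''`) to the manifest, so the key presumably ends up wherever that value is used, typically the compiled catalog and any cache of it.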