diff options
-rw-r--r-- | manifests/ssh_authorized_key.pp | 61 |
1 files changed, 27 insertions, 34 deletions
diff --git a/manifests/ssh_authorized_key.pp b/manifests/ssh_authorized_key.pp index f942d62..6d98be4 100644 --- a/manifests/ssh_authorized_key.pp +++ b/manifests/ssh_authorized_key.pp @@ -48,45 +48,38 @@ define sshd::ssh_authorized_key( # nothing a user can't already do by writing their own file resources, # we still depend on the filesystem permissions to keep things safe. if $override_builtin { - case $options { - 'absent': { - info("not setting any option for ssh_authorized_key: ${name}") - $header = "# HEADER: This file is managed by Puppet.\n" + $header = "# HEADER: This file is managed by Puppet.\n" - file { $real_target: - ensure => $ensure, - content => "${header}${type} ${key}", - owner => $real_user, - mode => '0600'; - } - } - default: { - file { $real_target: - ensure => $ensure, - content => "${header}${options} ${type} ${key}", - owner => $real_user, - mode => '0600'; - } - } + if $options == 'absent' { + info("not setting any option for ssh_authorized_key: ${name}") + $content = "${header}${type} ${key}" + } else { + $content = "${header}${options} ${type} ${key}" + } + + file { $real_target: + ensure => $ensure, + content => $content, + owner => $real_user, + mode => '0600', } + } else { - ssh_authorized_key{$name: - ensure => $ensure, - type => $type, - key => $key, - user => $real_user, - target => $real_target, + + if $options == 'absent' { + info("not setting any option for ssh_authorized_key: ${name}") + } else { + $real_options = $options } - case $options { - 'absent': { - info("not setting any option for ssh_authorized_key: ${name}") - } - default: { - Ssh_authorized_key[$name]{ - options => $options, - } - } + ssh_authorized_key{$name: + ensure => $ensure, + type => $type, + key => $key, + user => $real_user, + target => $real_target, + options => $real_options, } } + } |