From 5c729410824c817325e3d495aac932feda7574b9 Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Thu, 16 Dec 2010 16:22:24 +0100
Subject: Add a function to create ssh keys on the fly

This allows you to use content of ssh keys within your manifests
and generate them automatically if they don't exist yet.
---
 lib/puppet/parser/functions/.ssh_keygen.rb.swp | Bin 0 -> 12288 bytes
 lib/puppet/parser/functions/ssh_keygen.rb      |  23 +++++++++++++++++++++++
 2 files changed, 23 insertions(+)
 create mode 100644 lib/puppet/parser/functions/.ssh_keygen.rb.swp
 create mode 100644 lib/puppet/parser/functions/ssh_keygen.rb

(limited to 'lib')

diff --git a/lib/puppet/parser/functions/.ssh_keygen.rb.swp b/lib/puppet/parser/functions/.ssh_keygen.rb.swp
new file mode 100644
index 0000000..b5036fa
Binary files /dev/null and b/lib/puppet/parser/functions/.ssh_keygen.rb.swp differ
diff --git a/lib/puppet/parser/functions/ssh_keygen.rb b/lib/puppet/parser/functions/ssh_keygen.rb
new file mode 100644
index 0000000..18b006a
--- /dev/null
+++ b/lib/puppet/parser/functions/ssh_keygen.rb
@@ -0,0 +1,23 @@
+Puppet::Parser::Functions::newfunction(:ssh_keygen, :type => :rvalue, :doc =>
+  "Returns an array containing the ssh private and public (in this order) key
+  for a certain private key path.
+  It will generate the keypair if both do not exist. It will also generate
+  the directory hierarchy if required.
+  It accepts only fully qualified paths, everything else will fail.") do |args|
+    raise Puppet::ParseError, "Wrong number of arguments" unless args.to_a.length == 1
+    private_key_path = args
+    raise Puppet::ParseError, "Only fully qualified paths are accepted" unless private_key_path =~ /^\/.+/
+    public_key_path = "#{private_key_path}.pub"
+    raise Puppet::ParseError, "Either only the private or only the public key exists" if File.exists?(private_key_path) ^ File.exists?(public_key_path)
+    [private_key_path,public_key_path].each do |path|
+      raise Puppet::ParseError, "#{path} is a directory" if File.directory?(path)
+    end
+
+    dir = File.dirname(private_key_path)
+    Puppet::Util.recmkdir(dir,0700) unless File.directory?(dir)
+    unless [private_key_path,public_key_path].all?{|path| File.exists?(path) }
+      output = Puppet::Util.execute(['/usr/bin/ssh-keygen','-t', 'rsa', '-b', '4096', '-f', private_key_path, '-P', '', '-q'])
+      raise Puppet::ParseError, "Something went wrong during key generation! Output: #{output}" unless output.empty?
+    end
+    [File.read(private_key_path),File.read(public_key_path)]
+end
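Review bot: The path check `private_key_path =~ /^\/.+/` anchors with `^`, which in Ruby matches at the start of any line rather than the start of the string. A value with an embedded newline followed by a line beginning with `/` therefore passes as "fully qualified" and is then handed to `ssh-keygen -f`, `File.dirname` and `File.read`. Anchoring the whole string closes this: `unless private_key_path =~ /\A\/.+\z/`. The same pattern is carried through the two later commits on this page that touch or quote this line. The `:doc` string should also say that the key is generated without a passphrase (`-P ''`) and that the private key's content is returned to the manifest, so callers know to treat the result as a secret.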
-- 
cgit v1.2.3


From 93fabb2021f97f570cc2c8d48c7e7a425f7a1605 Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Thu, 16 Dec 2010 17:12:56 +0100
Subject: remove stupid swap

---
 lib/puppet/parser/functions/.ssh_keygen.rb.swp | Bin 12288 -> 0 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 lib/puppet/parser/functions/.ssh_keygen.rb.swp

(limited to 'lib')

diff --git a/lib/puppet/parser/functions/.ssh_keygen.rb.swp b/lib/puppet/parser/functions/.ssh_keygen.rb.swp
deleted file mode 100644
index b5036fa..0000000
Binary files a/lib/puppet/parser/functions/.ssh_keygen.rb.swp and /dev/null differ
-- 
cgit v1.2.3


From 584cee72362cf5b2d822164ef6569fe4671eabf6 Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Thu, 16 Dec 2010 17:15:36 +0100
Subject: made error mesage a bit more verbose

---
 lib/puppet/parser/functions/ssh_keygen.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib')

diff --git a/lib/puppet/parser/functions/ssh_keygen.rb b/lib/puppet/parser/functions/ssh_keygen.rb
index 18b006a..24efe62 100644
--- a/lib/puppet/parser/functions/ssh_keygen.rb
+++ b/lib/puppet/parser/functions/ssh_keygen.rb
@@ -6,7 +6,7 @@ Puppet::Parser::Functions::newfunction(:ssh_keygen, :type => :rvalue, :doc =>
   It accepts only fully qualified paths, everything else will fail.") do |args|
     raise Puppet::ParseError, "Wrong number of arguments" unless args.to_a.length == 1
     private_key_path = args
-    raise Puppet::ParseError, "Only fully qualified paths are accepted" unless private_key_path =~ /^\/.+/
+    raise Puppet::ParseError, "Only fully qualified paths are accepted (#{private_key_path})" unless private_key_path =~ /^\/.+/
     public_key_path = "#{private_key_path}.pub"
     raise Puppet::ParseError, "Either only the private or only the public key exists" if File.exists?(private_key_path) ^ File.exists?(public_key_path)
     [private_key_path,public_key_path].each do |path|
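Review bot: The value added to the message as `(#{private_key_path})` is the manifest-supplied argument printed raw, so any newline or control character in it goes into the error output unescaped and can make the rejected value hard to read in logs. Using `(#{private_key_path.inspect})` would show exactly what was rejected, with quoting and escapes. The enclosing function block starts and ends outside this hunk.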
-- 
cgit v1.2.3


From fa3d9e165404a5ed686d152002e5f7fd21b21e30 Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Thu, 16 Dec 2010 17:33:04 +0100
Subject: do some trickery as arguments from puppet are passed as an array

---
 lib/puppet/parser/functions/ssh_keygen.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib')

diff --git a/lib/puppet/parser/functions/ssh_keygen.rb b/lib/puppet/parser/functions/ssh_keygen.rb
index 24efe62..09b3d3b 100644
--- a/lib/puppet/parser/functions/ssh_keygen.rb
+++ b/lib/puppet/parser/functions/ssh_keygen.rb
@@ -5,7 +5,7 @@ Puppet::Parser::Functions::newfunction(:ssh_keygen, :type => :rvalue, :doc =>
   the directory hierarchy if required.
   It accepts only fully qualified paths, everything else will fail.") do |args|
     raise Puppet::ParseError, "Wrong number of arguments" unless args.to_a.length == 1
-    private_key_path = args
+    private_key_path = args.to_a[0]
     raise Puppet::ParseError, "Only fully qualified paths are accepted (#{private_key_path})" unless private_key_path =~ /^\/.+/
     public_key_path = "#{private_key_path}.pub"
     raise Puppet::ParseError, "Either only the private or only the public key exists" if File.exists?(private_key_path) ^ File.exists?(public_key_path)
-- 
cgit v1.2.3