| 1 |
# Install a key pair into a user's account. |
| 2 |
define sshkeys::set_client_key_pair ( |
| 3 |
$keyname = '', |
| 4 |
$ensure = 'present', |
| 5 |
$filename = 'id_rsa', |
| 6 |
$group = '', |
| 7 |
$home = '', |
| 8 |
$user |
| 9 |
) { |
| 10 |
include sshkeys::var |
| 11 |
File { |
| 12 |
owner => $user, |
| 13 |
group => $group ? { '' => $user, default => $group }, |
| 14 |
mode => 600, |
| 15 |
require => [ User[$user], File[$home]], |
| 16 |
} |
| 17 |
|
| 18 |
$_keyname = $keyname ? { '' => $title, default => $keyname } |
| 19 |
$_home = $home ? { '' => "/home/${user}", default => $home } |
| 20 |
$key_src_file = "${sshkeys::var::keymaster_storage}/${_keyname}/key" # on the keymaster |
| 21 |
$key_tgt_file = "${_home}/.ssh/${filename}" # on the client |
| 22 |
|
| 23 |
$key_src_content_pub = file("${key_src_file}.pub", "/dev/null") |
| 24 |
if $ensure == "absent" or $key_src_content_pub =~ /^(ssh-...) ([^ ]+)/ { |
| 25 |
$keytype = $1 |
| 26 |
$modulus = $2 |
| 27 |
file { |
| 28 |
$key_tgt_file: |
| 29 |
ensure => $ensure, |
| 30 |
content => file($key_src_file, "/dev/null"); |
| 31 |
"${key_tgt_file}.pub": |
| 32 |
ensure => $ensure, |
| 33 |
content => "$keytype $modulus $title\n", |
| 34 |
mode => 644; |
| 35 |
} |
| 36 |
} else { |
| 37 |
notify { "Private key file $key_src_file for key $title not found on keymaster; skipping ensure => present": } |
| 38 |
} |
| 39 |
} |
Parent Directory
| 
Revision Log