
Annotation of /puppet/modules/openssh/manifests/ssh_keys_from_ldap.pp



Revision 2702 - (hide annotations) (download)
Mon Apr 2 11:05:25 2012 UTC (9 years, 5 months ago) by misc
File size: 1328 byte(s)
split ssh_keys_from_ldap in a different file
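# Class: openssh::ssh_keys_from_ldap
#
# Switches sshd_config to the LDAP-aware template pair, creates the public-key
# directory tree, and schedules ldap-sshkey2file.py as a root cron job.
#
# Parameters:
#   $symlink_users - accounts handed to symlink_user (defined outside this
#                    file); root is always handled by the resources below.
#   $config        - not referenced in this manifest; presumably consumed by
#                    one of the templates -- TODO confirm.
#
# Security notes:
#   * The key directories are pinned to root:root so that their ownership does
#     not depend on File defaults declared elsewhere or on pre-existing state.
#     sshd's StrictModes check looks at the ownership of the directories
#     leading to an authorized_keys file.
#   * /etc/ldap.secret is only named here; its owner and mode are not managed
#     by this class and should be restricted wherever it is deployed.
class openssh::ssh_keys_from_ldap($symlink_users = [],
                                  $config = '') inherits server {
    # root account authorized_keys will be symlinked
    # if you want to add symlink on other accounts, use $symlink_users parameter

    # Override the sshd_config content declared in the parent class.
    File['/etc/ssh/sshd_config'] {
        content => template('openssh/sshd_config', 'openssh/sshd_config_ldap'),
    }

    package { 'python-ldap': }

    $pubkeys_directory = '/var/lib/pubkeys'

    # No mode is set here, as in the original; only ownership is pinned.
    file { $pubkeys_directory:
        ensure => directory,
        owner  => 'root',
        group  => 'root',
    }

    file { "${pubkeys_directory}/root":
        ensure => directory,
        owner  => 'root',
        group  => 'root',
        mode   => '0700',
    }

    # root's keys stay in the local /root/.ssh/authorized_keys file.
    # NOTE(review): symlink permissions are not enforced on Linux, so the mode
    # below has no protective effect; access is governed by the target file.
    # NOTE(review): if ldap-sshkey2file.py writes to this path it would write
    # through the link into root's key file -- confirm that it skips root.
    file { "${pubkeys_directory}/root/authorized_keys":
        ensure => link,
        target => '/root/.ssh/authorized_keys',
        mode   => '0700',
    }

    symlink_user { $symlink_users: }

    # Set before the template call; presumably read by ldap-sshkey2file.py.
    # get_ldap_servers() is defined outside this file.
    $ldap_pwfile = '/etc/ldap.secret'
    $ldap_servers = get_ldap_servers()

    local_script { 'ldap-sshkey2file.py':
        content => template('openssh/ldap-sshkey2file.py'),
        require => Package['python-ldap'],
    }

    # Runs as root every ten minutes. Assuming the script rewrites the key
    # files on each run, a key removed from LDAP can stay usable for up to ten
    # minutes -- confirm against the script.
    cron { 'sshkey2file':
        command     => '/usr/local/bin/ldap-sshkey2file.py',
        hour        => '*',
        minute      => '*/10',
        user        => 'root',
        environment => 'MAILTO=root',
        require     => Local_script['ldap-sshkey2file.py'],
    }
}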
