| 1 |
class openssh::ssh_keys_from_ldap($symlink_users = [], |
| 2 |
$config = '') inherits server { |
| 3 |
# root account authorized_keys will be symlinked |
| 4 |
# if you want to add symlink on other accounts, use $symlink_users parameter |
| 5 |
|
| 6 |
File ['/etc/ssh/sshd_config'] { |
| 7 |
content => template('openssh/sshd_config','openssh/sshd_config_ldap') |
| 8 |
} |
| 9 |
|
| 10 |
package { 'python-ldap': } |
| 11 |
|
| 12 |
include openssh::pubkeys_directory |
| 13 |
$pubkeys_directory = $openssh::pubkeys_directory::pubkeys_directory |
| 14 |
|
| 15 |
symlink_user { $symlink_users: } |
| 16 |
|
| 17 |
$ldap_pwfile = '/etc/ldap.secret' |
| 18 |
$ldap_servers = get_ldap_servers() |
| 19 |
local_script { 'ldap-sshkey2file.py': |
| 20 |
content => template('openssh/ldap-sshkey2file.py'), |
| 21 |
require => Package['python-ldap'] |
| 22 |
} |
| 23 |
|
| 24 |
cron { 'sshkey2file': |
| 25 |
command => '/usr/local/bin/ldap-sshkey2file.py', |
| 26 |
hour => '*', |
| 27 |
minute => '*/10', |
| 28 |
user => 'root', |
| 29 |
environment => 'MAILTO=root', |
| 30 |
require => Local_script['ldap-sshkey2file.py'], |
| 31 |
} |
| 32 |
} |
Parent Directory
| 
Revision Log