Fix ssh key error and also remove duplicates
We need specific key ids for keys, and if the key id changes, we need a way to delete old ones. We also need the file to be writable by at least the user so that puppet doesn't complain. Change-Id: I5718b80d844d5f95149d0e23d98960879955c43c
parent
ac74cc2a0b
commit
ff3de251c9
|
@ -6,6 +6,8 @@ define user::virtual::localuser(
|
|||
$realname,
|
||||
$groups = [ 'sudo', 'admin', ],
|
||||
$sshkeys = '',
|
||||
$key_id = '',
|
||||
$old_keys = [],
|
||||
$shell = '/bin/bash',
|
||||
$home = "/home/${title}",
|
||||
$managehome = true
|
||||
|
@ -36,12 +38,31 @@ define user::virtual::localuser(
|
|||
require => User[$title],
|
||||
}
|
||||
|
||||
ssh_authorized_key { "${title}_keys":
|
||||
file { "${title}_keyfile":
|
||||
ensure => present,
|
||||
mode => '0600',
|
||||
name => "${home}/.ssh/authorized_keys",
|
||||
require => File["${title}_sshdir"],
|
||||
}
|
||||
|
||||
ssh_authorized_key { $key_id:
|
||||
ensure => present,
|
||||
key => $sshkeys,
|
||||
user => $title,
|
||||
type => 'ssh-rsa',
|
||||
require => File["${title}_sshdir"],
|
||||
require => File["${title}_keyfile"],
|
||||
}
|
||||
|
||||
ssh_authorized_key { "${title}_keys":
|
||||
ensure => absent,
|
||||
user => $title,
|
||||
}
|
||||
|
||||
if ( $old_keys != [] ) {
|
||||
ssh_authorized_key { $old_keys:
|
||||
ensure => absent,
|
||||
user => $title,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
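Review bot: `$key_id` defaults to `''` and is used unchanged as the title of `ssh_authorized_key { $key_id: }`, so a caller that omits it declares a key resource with an empty title. Resource titles are unique across the whole catalog, so two users whose `key_id` or `old_keys` entries match would also fail as duplicate declarations. A guard ahead of the resource, such as `if $key_id == '' { fail("localuser ${title}: key_id must be set") }`, makes the requirement explicit, and the parameter list deserves a comment saying key ids must be unique across all users. Separately, the new `file { "${title}_keyfile": }` sets `mode => '0600'` but no owner on the visible lines. Unless a `File` default outside this view supplies one, the file is probably created root-owned and so not writable by the user as the commit message intends; adding `owner => $title,` would pin that. The define's body starts and continues outside the hunks shown.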