# collect authorized_keys stored using authorized_key_add

define ssh::authorized_key_collect(
  String $target_user,
  String $collect_tag,
) {
  concat { "/etc/ssh/userkeys/${target_user}": }
  concat::fragment { "/etc/ssh/userkeys/${target_user}-header":
    target  => "/etc/ssh/userkeys/${target_user}",
    order   => '000',
    content => "# This file is maintained with puppet\n",
  }
  Concat::Fragment <<| tag == "ssh::authorized_key::fragment::${collect_tag}::${target_user}" |>>

  Ferm::Rule <<| tag == "ssh::authorized_key::ferm::${collect_tag}::${target_user}" |>>
}