projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge onion::service absent support from tor
[mirror/dsa-puppet.git] / modules / portforwarder / manifests / init.pp
diff --git a/modules/portforwarder/manifests/init.pp b/modules/portforwarder/manifests/init.pp
index 8fd01c3..e7009b2 100644 (file)
--- a/modules/portforwarder/manifests/init.pp
+++ b/modules/portforwarder/manifests/init.pp
@@ -1,6 +1,14 @@
 class portforwarder {
        # do not depend on xinetd, yet.  it might uninstall other inetds
        # for now this will have to be done manually
+
+       if ! $::portforwarder_key {
+               exec { 'create-portforwarder-key':
+                       command => '/bin/su - portforwarder -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
+                       onlyif  => '/usr/bin/getent passwd portforwarder > /dev/null && ! [ -e /home/portforwarder/.ssh/id_rsa ]'
+               }
+       }
+
        file { '/etc/ssh/userkeys/portforwarder':
                content => template('portforwarder/authorized_keys.erb'),
        }
@@ -12,11 +20,10 @@ class portforwarder {
        }
        file { '/etc/xinetd.d/dsa-portforwader':
                content => template('portforwarder/xinetd.erb'),
-               notify  => Exec['xinetd reload']
+               notify  => Exec['service xinetd reload']
        }
 
-       exec { 'xinetd reload':
-               path        => '/etc/init.d:/usr/bin:/usr/sbin:/bin:/sbin',
+       exec { 'service xinetd reload':
                refreshonly => true,
        }
 }
Unnamed repository; edit this file 'description' to name the repository.