target_user => 'letsencrypt',
collect_tag => 'dns_primary',
}
- ssh::keygen {'dnsadm': }
+ ssh::authorized_key_collect { 'dns_primary-geodnssync':
+ target_user => 'geodnssync',
+ collect_tag => 'dns_primary',
+ }
+ ssh::keygen {'dnsadm': }
ssh::authorized_key_add { 'dns_primary::geodns':
target_user => 'geodnssync',
command => '/etc/bind/geodns/trigger',
key => $facts['dnsadm_key'],
collect_tag => 'geodnssync-node',
}
+
+ ssh::keygen {'letsencrypt': }
+ ssh::authorized_key_add { 'dns_primary::puppetmaster::letsencrypt-certificates':
+ target_user => 'puppet',
+ command => 'rsync --server -vlogDtprze.iLsfx --delete --partial . /srv/puppet.debian.org/from-letsencrypt',
+ key => $facts['letsencrypt_key'],
+ collect_tag => 'puppetmaster',
+ }
}