Set up ssh between snapshot nodes

[mirror/dsa-puppet.git] / modules / roles / manifests / snapshot_secondary.pp

diff --git a/modules/roles/manifests/snapshot_secondary.pp b/modules/roles/manifests/snapshot_secondary.pp
new file mode 100644 (file)
index 0000000..f4ef77d
--- /dev/null
+++ b/modules/roles/manifests/snapshot_secondary.pp
@@ -0,0 +1,16 @@
+# snapshot secondary
+#
+# That is any node that requires ssh access to the master,
+# like sync targets or web mirrors.
+class roles::snapshot_secondary {
+  include roles::snapshot_base
+
+  ssh::keygen {'snapshot': }
+
+  ssh::authorized_key_add { "roles::snapshot_master::from::farmsync_target::${::fqdn}":
+    target_user => 'snapshot',
+    key         => dig($facts, 'ssh_keys_users', 'snapshot', 'id_rsa.pub', 'line'),
+    command     => '~/code/mirror/ssh-wrap master',
+    collect_tag => 'roles::snapshot::to::master',
+  }
+}