projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
move things from modules/roles/static* to modules/static*
[mirror/dsa-puppet.git] / modules / staticsync / manifests / ssh.pp
diff --git a/modules/staticsync/manifests/ssh.pp b/modules/staticsync/manifests/ssh.pp
new file mode 100644 (file)
index 0000000..22078cb
--- /dev/null
+++ b/modules/staticsync/manifests/ssh.pp
@@ -0,0 +1,20 @@
+# wrapper for ssh setup for statichosts
+class roles::static::ssh(
+  Variant[Array[String], String] $add_tag,
+  String                         $collect_tag,
+  )
+{
+  ssh::keygen {'staticsync': }
+
+  ssh::authorized_key_add { 'staticsync':
+    target_user => 'staticsync',
+    command     => "/usr/local/bin/staticsync-ssh-wrap ${::fqdn}",
+    key         => $facts['staticsync_key'],
+    options     => ['restrict', 'pty'],
+    collect_tag => $add_tag,
+  }
+  ssh::authorized_key_collect { 'staticsync':
+    target_user => 'staticsync',
+    collect_tag => $collect_tag,
+  }
+}
Unnamed repository; edit this file 'description' to name the repository.