X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=modules%2Fportforwarder%2Ftemplates%2Fauthorized_keys.erb;fp=modules%2Fportforwarder%2Ftemplates%2Fauthorized_keys.erb;h=fe4ac47450efafeafdfb2638834b1d6117334a2d;hb=571572f372320efab5230dc52f7591ba0d2831ef;hp=0000000000000000000000000000000000000000;hpb=399f16bef9ea3d90fb1dcfbe2356bd0fdbe1dc9f;p=mirror%2Fdsa-puppet.git

diff --git a/modules/portforwarder/templates/authorized_keys.erb b/modules/portforwarder/templates/authorized_keys.erb
new file mode 100644
index 000000000..fe4ac4745
--- /dev/null
+++ b/modules/portforwarder/templates/authorized_keys.erb
@@ -0,0 +1,24 @@
+<%=
+config = YAML.load(File.open('/etc/puppet/modules/portforwarder/misc/config.yaml').read)
+config.each_pair do |sourcehost, services|
+	services.each do |service|
+		next if service['target_host'] != hostname
+
+		sshkey = nil
+		remote_ip = keyinfo[sourcehost][0]['ipHostNumber'].join(',')
+		forward_to_port = service['target_port']
+		local_bind = 127.0.0.2
+
+		lines << "# from #{sourcehost} on local port #{service['source_bind_port']}"
+		if remote_ip.nil? or forward_to_port.nil? or local_bind.nil?
+		#if sshkey.nil? or remote_ip.nil? or forward_to_port.nil? or local_bind.nil?
+			lines << "# insufficient config values"
+		else
+			#lines << "from=\"#{remote_ip}\",command=\"/bin/nc -s #{local_bind} 127.0.0.1 #{forward_to_port}\",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding #{sshkey}"
+			lines << "#from=\"#{remote_ip}\",command=\"/bin/nc -s #{local_bind} 127.0.0.1 #{forward_to_port}\",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding <sshkey here>"
+		end
+	end
+end
+lines = []
+lines.join("\n")
+%>