X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fpostgres%2Fmanifests%2Fbackup_server%2Fregister_backup_clienthost.pp;h=7580845e03f3f883a33cd8ef24127966cbb3610e;hb=dc2858047a151e2fbe466678c21d6533a5c245bf;hp=00ef58288b67591560cd09ca1a6bf4bd92472f56;hpb=fa71f654c67691b4b4a276cf936eb76cab6d60f6;p=mirror%2Fdsa-puppet.git

diff --git a/modules/postgres/manifests/backup_server/register_backup_clienthost.pp b/modules/postgres/manifests/backup_server/register_backup_clienthost.pp
index 00ef58288..7580845e0 100644
--- a/modules/postgres/manifests/backup_server/register_backup_clienthost.pp
+++ b/modules/postgres/manifests/backup_server/register_backup_clienthost.pp
@@ -1,19 +1,18 @@
+# register this host at the backup servers
 #
+# This class set up the ssh authorization on the backup servers
+# so this client can push WAL segments.
 define postgres::backup_server::register_backup_clienthost (
-	$sshpubkey = $::postgresql_key,
-	$ipaddrlist = join(getfromhash($site::nodeinfo, 'ldap', 'ipHostNumber'), ","),
-	$hostname = $::hostname,
 ) {
-	include postgres::backup_server::globals
+  include postgres::backup_server::globals
 
-	if $sshpubkey {
-		$addr = assert_type(String[1], $ipaddrlist)
-		@@concat::fragment { "postgresql::server::backup-source-clienthost::$name::$fqdn":
-			target => $postgres::backup_server::globals::sshkeys_sources ,
-			content  => @("EOF"),
-					${hostname} ${addr} ${sshpubkey}
-					| EOF
-			tag     => $postgres::backup_server::globals::tag_source_sshkey,
-		}
-	}
+  $ssh_command = "/usr/local/bin/debbackup-ssh-wrap ${::hostname}"
+
+  ssh::authorized_key_add { 'register_backup_clienthost':
+    target_user => $postgres::backup_server::globals::backup_unix_user,
+    key         => dig($facts, 'ssh_keys_users', 'postgres', 'id_rsa.pub', 'line'),
+    command     => $ssh_command,
+    from        => $base::public_addresses,
+    collect_tag => $postgres::backup_server::globals::tag_source_sshkey,
+  }
 }