X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fweblog_provider.pp;h=bed4aaca4ba84f193bfb04e1b3c94d4b7b972efc;hb=e71099e47c57303bb7090e404db84ad3e8d3b75b;hp=4470fa9dd86c34568685c0a029c1941af8a8d542;hpb=7aeee13f3e60bc4a876d654843a5f452750e179e;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/weblog_provider.pp b/modules/roles/manifests/weblog_provider.pp
index 4470fa9dd..bed4aaca4 100644
--- a/modules/roles/manifests/weblog_provider.pp
+++ b/modules/roles/manifests/weblog_provider.pp
@@ -1,18 +1,18 @@
+# a provider of webserver logs
 class roles::weblog_provider {
-	if ! $::weblogsync_key {
-		exec { 'create-weblogsync-key':
-			command => '/bin/su - weblogsync -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
-			onlyif  => '/usr/bin/getent passwd weblogsync > /dev/null && ! [ -e /home/weblogsync/.ssh/id_rsa ]'
-		}
-	} else {
-		file { '/etc/cron.d/puppet-weblog-provider':
-			ensure => absent,
-		}
-		concat::fragment { 'dsa-puppet-stuff--weblog-provider':
-			target => '/etc/cron.d/dsa-puppet-stuff',
-			content  => @(EOF)
-				0 1 * * * weblogsync sleep $((RANDOM \% 1800)); rsync -a --delete-excluded --include 'www.debian.org-access.log-*gz' --include '*-public-access.log-*gz' --exclude '**' /var/log/apache2/. weblogsync@wolkenstein.debian.org:-weblogs-incoming-
-				| EOF
-		}
-	}
+  ssh::keygen {'weblogsync': }
+  ssh::authorized_key_add { 'weblongsync-provider::destination':
+    target_user => 'weblogsync',
+    key         => dig($facts, 'ssh_keys_users', 'weblogsync', 'id_rsa.pub', 'line'),
+    command     => "/srv/weblogs.debian.org/bin/ssh-wrap ${::fqdn}",
+    collect_tag => 'weblogsync',
+  }
+
+  file { '/etc/cron.d/puppet-weblog-provider': ensure => absent, }
+  concat::fragment { 'puppet-crontab--weblog-provider':
+    target => '/etc/cron.d/puppet-crontab',
+    content  => @(EOF)
+                0 1 * * * weblogsync sleep $((RANDOM \% 1800)); rsync -a --delete-excluded --include 'www.debian.org-access.log-*gz' --include '*-public-access.log-*gz' --exclude '**' /var/log/apache2/. weblogsync@wolkenstein.debian.org:-weblogs-incoming-
+                | EOF
+  }
 }