put initial ssh_known_hosts in place and run ud-replicate by puppet
authorPeter Palfrader <peter@palfrader.org>
Wed, 2 May 2018 14:20:30 +0000 (16:20 +0200)
committerPeter Palfrader <peter@palfrader.org>
Wed, 2 May 2018 14:20:30 +0000 (16:20 +0200)
modules/debian_org/lib/facter/paths.rb
modules/debian_org/manifests/init.pp

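--- a/modules/debian_org/lib/facter/paths.rb
+++ b/modules/debian_org/lib/facter/paths.rb
@@ -14,6 +14,7 @@
    /srv/mirrors/public-debian-security
    /dev/hwrng
    /lib/udev/rules.d/60-kpartx.rules
+   /etc/ssh/ssh_known_hosts
 }.each do |path|
        Facter.add("has" + path.gsub(/[\/.-]/,'_')) do
                setcode do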
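--- a/modules/debian_org/manifests/init.pp
+++ b/modules/debian_org/manifests/init.pp
@@ -356,4 +356,22 @@ class debian_org {
                content => "",
                mode => '0444',
        }
+
+       # this is only to avoid warnings, else puppet will complain that we
+       # have a symlink there, even if we're not replacing it anyhow.
+       if ! $has_etc_ssh_ssh_known_hosts {
+               file { '/etc/ssh/ssh_known_hosts':
+                       ensure  => 'present',
+                       replace => 'no',
+                       content => inline_template('<%= open("/etc/ssh/ssh_known_hosts").read() %>'),
+                       notify  => Exec['ud-replicate'],
+               }
+       }
+
+       exec { 'ud-replicate':
+               path => '/usr/bin:/usr/sbin:/bin:/sbin',
+               command => '/usr/bin/ud-replicate',
+               refreshonly => true,
+               require => Package['userdir-ldap']
+       }
 }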
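Review bot: The `content` of the new `/etc/ssh/ssh_known_hosts` resource comes from `inline_template`, which is evaluated where the catalog is compiled, so a node without the file gets its first set of trusted host keys as a copy of the Puppet master's file; the comment above the `if` speaks only of avoiding warnings and does not record this. Because that file is presumably what the first `ud-replicate` run verifies its SSH peer against, the comment should state the provenance, e.g. `# seed known_hosts from the puppet master's copy; ud-replicate maintains it afterwards`. Reading it with `content => file('/etc/ssh/ssh_known_hosts'),` would avoid Kernel#open, which leaves the handle unclosed and would interpret a leading `|` as a command if the path ever stopped being a literal. The resource also sets no `owner`, `group` or `mode`, unlike the resource just above it with `mode => '0444'`; pinning them (`owner => 'root', group => 'root', mode => '0444',`) keeps the permissions of this trust file from depending on defaults. The enclosing `class debian_org` starts outside the hunk.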