ssh::authorized_key_add: warn if the key does not exist

author Peter Palfrader <peter@palfrader.org>

Sat, 7 Sep 2019 21:22:37 +0000 (23:22 +0200)

committer Peter Palfrader <peter@palfrader.org>

Sat, 7 Sep 2019 21:22:37 +0000 (23:22 +0200)
author Peter Palfrader <peter@palfrader.org>
Sat, 7 Sep 2019 21:22:37 +0000 (23:22 +0200)
committer Peter Palfrader <peter@palfrader.org>
Sat, 7 Sep 2019 21:22:37 +0000 (23:22 +0200)
diff --git a/modules/ssh/manifests/authorized_key_add.pp b/modules/ssh/manifests/authorized_key_add.pp

index 44cdc80..451a952 100644 (file)
--- a/modules/ssh/manifests/authorized_key_add.pp
+++ b/modules/ssh/manifests/authorized_key_add.pp
@@ -22,13 +22,17 @@ define ssh::authorized_key_add(
  
    $from_space = $from_hosts.join(' ')
  
-  @@concat::fragment { "ssh::authorized_key::${name} ${target_user} ${from}":
-    tag     => "ssh::authorized_key::fragment::${collect_tag}::${target_user}",
-    target  => "/etc/ssh/userkeys/${target_user}",
-    order   => '200',
-    content => @("EOF"),
-               command="${command}",from="${from}",restrict ${key}
-               | EOF
+  if $key {
+    @@concat::fragment { "ssh::authorized_key::${name} ${target_user} ${from}":
+      tag     => "ssh::authorized_key::fragment::${collect_tag}::${target_user}",
+      target  => "/etc/ssh/userkeys/${target_user}",
+      order   => '200',
+      content => @("EOF"),
+                 command="${command}",from="${from}",restrict ${key}
+                 | EOF
+    }
+  } else {
+    notify{ "Warning, ssh key for ${name}, ${target_user} not defined (yet?).": }
    }
  
    @@ferm::rule { "ssh-${target_user}-${name}":
author	Peter Palfrader <peter@palfrader.org>
	Sat, 7 Sep 2019 21:22:37 +0000 (23:22 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Sat, 7 Sep 2019 21:22:37 +0000 (23:22 +0200)