switch ssh-keygens to ssh::keygen

diff --git a/modules/buildd/manifests/init.pp b/modules/buildd/manifests/init.pp
index 29a3524..a8affb0 100644 (file)
--- a/modules/buildd/manifests/init.pp
+++ b/modules/buildd/manifests/init.pp
@@ -91,12 +91,7 @@ class buildd ($ensure=present) {
                        owner   => buildd,
                }
 
-               if ! $::buildd_key {
-                       exec { 'create-buildd-key':
-                               command => '/bin/su - buildd -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
-                               onlyif  => '/usr/bin/getent passwd buildd > /dev/null && ! [ -e /home/buildd/.ssh/id_rsa ]'
-                       }
-               }
+               ssh::keygen {'buildd': }
 
                #
                # buildd/pybuildd configuration

diff --git a/modules/portforwarder/manifests/init.pp b/modules/portforwarder/manifests/init.pp
index e5a5982..9cb62f6 100644 (file)
--- a/modules/portforwarder/manifests/init.pp
+++ b/modules/portforwarder/manifests/init.pp
@@ -3,12 +3,7 @@ class portforwarder {
        # for now this will have to be done manually
 
        if $::portforwarder_user_exists {
-               if ! $::portforwarder_key {
-                       exec { 'create-portforwarder-key':
-                               command => '/bin/su - portforwarder -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
-                               onlyif  => '/usr/bin/getent passwd portforwarder > /dev/null && ! [ -e /home/portforwarder/.ssh/id_rsa ]'
-                       }
-               }
+               ssh::keygen {'portforwarder': }
 
                file { '/etc/ssh/userkeys/portforwarder':
                        content => template('portforwarder/authorized_keys.erb'),

diff --git a/modules/postgres/manifests/backup_source.pp b/modules/postgres/manifests/backup_source.pp
index d67f675..146726a 100644 (file)
--- a/modules/postgres/manifests/backup_source.pp
+++ b/modules/postgres/manifests/backup_source.pp
@@ -14,12 +14,7 @@ class postgres::backup_source {
                content => template('roles/postgresql_server/pg-backup-file.conf.erb'),
        }
 
-       if ! $::postgres_key {
-               exec { 'create-postgres-key':
-                       command => '/bin/su - postgres -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
-                       onlyif  => '/usr/bin/getent passwd postgres > /dev/null && ! [ -e /var/lib/postgresql/.ssh/id_rsa ]'
-               }
-       }
+       ssh::keygen {'postgres': }
 
 
        if $::hostname in [melartin, vittoria] {

diff --git a/modules/roles/manifests/static_base.pp b/modules/roles/manifests/static_base.pp
index bade119..c8b8398 100644 (file)
--- a/modules/roles/manifests/static_base.pp
+++ b/modules/roles/manifests/static_base.pp
@@ -1,10 +1,5 @@
 class roles::static_base {
-       if ! $::staticsync_key {
-               exec { 'create-staticsync-key':
-                       command => '/bin/su - staticsync -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
-                       onlyif  => '/usr/bin/getent passwd staticsync > /dev/null && ! [ -e /home/staticsync/.ssh/id_rsa ]'
-               }
-       }
+       ssh::keygen {'staticsync': }
 
        file { '/etc/static-components.conf':
                content => template('roles/static-mirroring/static-components.conf.erb'),

diff --git a/modules/roles/manifests/weblog_provider.pp b/modules/roles/manifests/weblog_provider.pp
index 0b3cb8d..b7ea0bb 100644 (file)
--- a/modules/roles/manifests/weblog_provider.pp
+++ b/modules/roles/manifests/weblog_provider.pp
@@ -1,16 +1,11 @@
 class roles::weblog_provider {
-       if ! $::weblogsync_key {
-               exec { 'create-weblogsync-key':
-                       command => '/bin/su - weblogsync -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
-                       onlyif  => '/usr/bin/getent passwd weblogsync > /dev/null && ! [ -e /home/weblogsync/.ssh/id_rsa ]'
-               }
-       } else {
-               file { '/etc/cron.d/puppet-weblog-provider': ensure => absent, }
-               concat::fragment { 'dsa-puppet-stuff--weblog-provider':
-                       target => '/etc/cron.d/dsa-puppet-stuff',
-                       content  => @(EOF)
-                               0 1 * * * weblogsync sleep $((RANDOM \% 1800)); rsync -a --delete-excluded --include 'www.debian.org-access.log-*gz' --include '*-public-access.log-*gz' --exclude '**' /var/log/apache2/. weblogsync@wolkenstein.debian.org:-weblogs-incoming-
-                               | EOF
-               }
-       }
+  ssh::keygen {'weblogsync': }
+
+  file { '/etc/cron.d/puppet-weblog-provider': ensure => absent, }
+  concat::fragment { 'dsa-puppet-stuff--weblog-provider':
+    target => '/etc/cron.d/dsa-puppet-stuff',
+    content  => @(EOF)
+                0 1 * * * weblogsync sleep $((RANDOM \% 1800)); rsync -a --delete-excluded --include 'www.debian.org-access.log-*gz' --include '*-public-access.log-*gz' --exclude '**' /var/log/apache2/. weblogsync@wolkenstein.debian.org:-weblogs-incoming-
+                | EOF
+  }
 }