weblog destination

author Peter Palfrader <peter@palfrader.org>

Wed, 17 Apr 2013 21:54:50 +0000 (23:54 +0200)

committer Peter Palfrader <peter@palfrader.org>

Wed, 17 Apr 2013 21:54:50 +0000 (23:54 +0200)
author Peter Palfrader <peter@palfrader.org>
Wed, 17 Apr 2013 21:54:50 +0000 (23:54 +0200)
committer Peter Palfrader <peter@palfrader.org>
Wed, 17 Apr 2013 21:54:50 +0000 (23:54 +0200)
diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp

index cc1d521..7ff4457 100644 (file)
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -71,4 +71,7 @@ class roles {
         if getfromhash($site::nodeinfo, 'weblog_provider') {
                 include roles::weblog_provider
         }
+       if $::hostname in [ravel] {
+               include roles::weblog_destination
+       }
  }
diff --git a/modules/roles/manifests/weblog_destination.pp b/modules/roles/manifests/weblog_destination.pp

new file mode 100644 (file)

index 0000000..662bdee
--- /dev/null
+++ b/modules/roles/manifests/weblog_destination.pp
@@ -0,0 +1,5 @@
+class roles::weblog_destination {
+       file { '/etc/ssh/userkeys/weblogsync':
+               content => template('roles/weblog_destination-authorized_keys.erb'),
+       }
+}
diff --git a/modules/roles/templates/weblog_destination-authorized_keys.erb b/modules/roles/templates/weblog_destination-authorized_keys.erb

new file mode 100644 (file)

index 0000000..dbce4a4
--- /dev/null
+++ b/modules/roles/templates/weblog_destination-authorized_keys.erb
@@ -0,0 +1,44 @@
+##
+## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+##
+
+<%=
+def getweblogsynckey(host)
+    key = nil
+    begin
+        facts = YAML.load(File.open("/var/lib/puppet/yaml/facts/#{host}.yaml").read)
+        return facts.values['weblogsync_key']
+    rescue Exception => e
+    end
+    return key
+end
+
+localinfo = scope.lookupvar('site::localinfo')
+allnodeinfo = scope.lookupvar('site::allnodeinfo')
+
+mirrors = []
+localinfo.keys.sort.each do |node|
+    if localinfo[node]['weblog_provider']
+        key = getstaticsynckey(node)
+        mirrors << { 'node' => node, 'addr' => allnodeinfo[node]['ipHostNumber'], 'key' => key}
+    end
+end
+
+lines = []
+for m in mirrors:
+    lines << '# ' + m['node']
+    if m['key'].nil?
+        lines << "# no key for node"
+    else
+        lines << "command=\"/srv/weblogs.debian.org/bin/ssh-wrap #{m['node']}\"," +
+                 'no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-user-rc,' +
+                 'from="' + m['addr'].join(',') + '" ' +
+                 m['key']
+    end
+end
+
+lines.join("\n")
+# vim:set et:
+# vim:set sts=4 ts=4:
+# vim:set shiftwidth=4:
+%>
author	Peter Palfrader <peter@palfrader.org>
	Wed, 17 Apr 2013 21:54:50 +0000 (23:54 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Wed, 17 Apr 2013 21:54:50 +0000 (23:54 +0200)
modules/roles/manifests/init.pp		patch \| blob \| history
modules/roles/manifests/weblog_destination.pp	[new file with mode: 0644]	patch \| blob
modules/roles/templates/weblog_destination-authorized_keys.erb	[new file with mode: 0644]	patch \| blob