From: Peter Palfrader
Date: Sat, 7 Sep 2019 21:06:50 +0000 (+0200)
Subject: Add an ssh::keygen to create userkeys
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=5a34f35327c4a0db2f550df46c291f17deb15512;p=mirror%2Fdsa-puppet.git

Add an ssh::keygen to create userkeys
---
diff --git a/modules/ssh/manifests/keygen.pp b/modules/ssh/manifests/keygen.pp
new file mode 100644
index 000000000..7f010206d
--- /dev/null
+++ b/modules/ssh/manifests/keygen.pp
@@ -0,0 +1,20 @@
+# create an ssh key for user
+define ssh::keygen(
+ String $user = $name,
+) {
+ if $facts["${user}_user_exists"] == undef {
+ notify{"We do not have facters for user ${user} existance and keys -- add it to modules/debian_org/lib/facter/roleaccounts.rb": }
+ }
+ if $facts["${user}_user_exists"] {
+ if ! $facts["${user}_key"] {
+ exec { "create-${user}-ssh-key":
+ command => @("EOF"),
+ /bin/su - ${user} -c 'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q'
+ | EOF
+ onlyif => "/usr/bin/getent passwd ${user} > /dev/null && ! [ -e ~${user}/.ssh/id_rsa ]"
+ }
+ }
+ } else {
+ notify{"User ${user} does not exist on this host. Will not create ssh key": }
+ }
+}
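Review bot: `$user` is typed only as `String` yet is interpolated unquoted into three shell strings in this define: the `/bin/su - ${user}` heredoc, and `getent passwd ${user}` and `~${user}/.ssh/id_rsa` in `onlyif`. The `${user}_user_exists` fact gate limits which values reach the exec, but a title containing whitespace or shell metacharacters would still alter the command line the agent runs (presumably as root, given the `su -`), so I would constrain the parameter, e.g. `Pattern[/\A[a-z_][a-z0-9_-]*\z/] $user = $name,` (adjusted to the site's account naming). The `onlyif` also depends on `>`, `&&` and tilde expansion with no `provider => shell` declared in the resource; stating the provider would make that shell dependency explicit. Separately, `ssh-keygen` is called without `-t`/`-b`, so the key type written to `.ssh/id_rsa` follows whatever the installed OpenSSH defaults to; pinning it (for instance `-t rsa -b 4096`) keeps the file name and key type consistent across hosts.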