From: Peter Palfrader Date: Sat, 7 Sep 2019 23:14:37 +0000 (+0200) Subject: collect staticsync ssh authkeys X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=c3c956b904b65b4feaea0489a42b6e3cbbe11125;p=mirror%2Fdsa-puppet.git collect staticsync ssh authkeys
---
diff --git a/modules/roles/manifests/static_base.pp b/modules/roles/manifests/static_base.pp
index 1c8e74dcd..7527387ad 100644
--- a/modules/roles/manifests/static_base.pp
+++ b/modules/roles/manifests/static_base.pp
@@ -7,19 +7,15 @@ class roles::static_base {
 key => $facts['staticsync_key'],
 collect_tag => 'staticsync',
 }
-# ssh::authorized_key_collect { 'staticsync':
-# target_user => 'staticsync',
-# collect_tag => 'staticsync',
-# }
+ ssh::authorized_key_collect { 'staticsync':
+ target_user => 'staticsync',
+ collect_tag => 'staticsync',
+ }
 file { '/etc/static-components.conf':
 content => template('roles/static-mirroring/static-components.conf.erb'),
 }
- file { '/etc/ssh/userkeys/staticsync':
- content => template('roles/static-mirroring/staticsync-authorized_keys.erb'),
- }
-
 file { '/usr/local/bin/staticsync-ssh-wrap':
 source => 'puppet:///modules/roles/static-mirroring/staticsync-ssh-wrap',
 mode => '0555',
diff --git a/modules/roles/templates/static-mirroring/staticsync-authorized_keys.erb b/modules/roles/templates/static-mirroring/staticsync-authorized_keys.erb
deleted file mode 100644
index 12492f3ec..000000000
--- a/modules/roles/templates/static-mirroring/staticsync-authorized_keys.erb
+++ /dev/null
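Review bot: With `file { '/etc/ssh/userkeys/staticsync': ... }` removed in static_base.pp, the per-key restrictions that the deleted staticsync-authorized_keys.erb template wrote (`command="/usr/local/bin/staticsync-ssh-wrap <node>"`, `no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-user-rc` and `from="<addrs>"`) are no longer visible anywhere in this change. The `ssh::authorized_key_add` resource that exports the key starts above the hunk, so only its `key` and `collect_tag` parameters can be seen; if it does not also carry the forced command, the option list and the source addresses, each collected key would presumably become an unrestricted login for `staticsync`. The key value comes from `$facts['staticsync_key']`, which the node reports itself, so the define should reject values containing newlines or leading options, and access is now gated by the `staticsync` tag rather than by membership of the static_mirror/static_source/static_master roles. Once confirmed, I would record it above the collect, e.g. `# collected keys carry command="staticsync-ssh-wrap <node>", no-*-forwarding and from= (see ssh::authorized_key_add)`.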
@@ -1,45 +0,0 @@
-##
-## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
-##
-
-<%=
-def getstaticsynckey(host)
- key = nil
- begin
- facts = YAML.load(File.open("/var/lib/puppet/yaml/facts/#{host}.yaml").read)
- return facts.values['staticsync_key']
- rescue Exception => e
- end
- return key
-end
-
-allnodeinfo = scope.lookupvar('site::allnodeinfo')
-roles = scope.lookupvar('site::roles')
-
-callers = []
-
-%w{static_mirror static_source static_master}.each do |role|
- roles[role].each do |node|
- key = getstaticsynckey(node)
- callers << { 'node' => node, 'addr' => allnodeinfo[node]['ipHostNumber'], 'key' => key}
- end
-end
-
-lines = []
-for m in callers do
- lines << '# ' + m['node']
- if m['key'].nil?
- lines << "# no key for node"
- else
- lines << "command=\"/usr/local/bin/staticsync-ssh-wrap #{m['node']}\"," +
- 'no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-user-rc,' +
- 'from="' + m['addr'].join(',') + '" ' +
- m['key']
- end
-end
-
-lines.join("\n")
-# vim:set et:
-# vim:set sts=4 ts=4:
-# vim:set shiftwidth=4:
-%>