From: Peter Palfrader <peter@palfrader.org>
Date: Sun, 8 Sep 2019 08:28:35 +0000 (+0200)
Subject: Start migrating to /etc/ssh/puppetkeys/ for exported ssh authkeys
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=e801844541145c6c2870dbbb799a50d0964f7578;p=mirror%2Fdsa-puppet.git

Start migrating to /etc/ssh/puppetkeys/ for exported ssh authkeys
---

diff --git a/modules/ssh/manifests/authorized_key_add.pp b/modules/ssh/manifests/authorized_key_add.pp
index 3e700cc64..4f3e1043a 100644
--- a/modules/ssh/manifests/authorized_key_add.pp
+++ b/modules/ssh/manifests/authorized_key_add.pp
@@ -34,7 +34,7 @@ define ssh::authorized_key_add(
   if $key {
     @@concat::fragment { "ssh::authorized_key::${name} ${target_user} from ${::hostname}":
       tag     => $ssh_tags,
-      target  => "/etc/ssh/userkeys/${target_user}",
+      target  => "/etc/ssh/puppetkeys/${target_user}",
       order   => '200',
       content => @("EOF"),
                  # from ${::fqdn}
diff --git a/modules/ssh/manifests/authorized_key_collect.pp b/modules/ssh/manifests/authorized_key_collect.pp
index 3fccc2578..55eccf656 100644
--- a/modules/ssh/manifests/authorized_key_collect.pp
+++ b/modules/ssh/manifests/authorized_key_collect.pp
@@ -10,6 +10,12 @@ define ssh::authorized_key_collect(
     order   => '000',
     content => "# This file is maintained with puppet\n",
   }
+  concat { "/etc/ssh/puppetkeys/${target_user}": }
+  concat::fragment { "/etc/ssh/puppetkeys/${target_user}-header":
+    target  => "/etc/ssh/puppetkeys/${target_user}",
+    order   => '000',
+    content => "# This file is maintained with puppet\n",
+  }
   Concat::Fragment <<| tag == "ssh::authorized_key::fragment::${collect_tag}::${target_user}" |>>
 
   Ferm::Rule <<| tag == "ssh::authorized_key::ferm::${collect_tag}::${target_user}" |>>