From eb86cec8a0737b9d471c0df4221694c68319597e Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Wed, 17 Apr 2013 23:54:50 +0200 Subject: [PATCH] weblog destination --- modules/roles/manifests/init.pp | 3 ++ modules/roles/manifests/weblog_destination.pp | 5 +++ .../weblog_destination-authorized_keys.erb | 44 +++++++++++++++++++ 3 files changed, 52 insertions(+) create mode 100644 modules/roles/manifests/weblog_destination.pp create mode 100644 modules/roles/templates/weblog_destination-authorized_keys.erb diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp index cc1d52123..7ff4457af 100644 --- a/modules/roles/manifests/init.pp +++ b/modules/roles/manifests/init.pp @@ -71,4 +71,7 @@ class roles { if getfromhash($site::nodeinfo, 'weblog_provider') { include roles::weblog_provider } + if $::hostname in [ravel] { + include roles::weblog_destination + } } diff --git a/modules/roles/manifests/weblog_destination.pp b/modules/roles/manifests/weblog_destination.pp new file mode 100644 index 000000000..662bdee90 --- /dev/null +++ b/modules/roles/manifests/weblog_destination.pp @@ -0,0 +1,5 @@ +class roles::weblog_destination { + file { '/etc/ssh/userkeys/weblogsync': + content => template('roles/weblog_destination-authorized_keys.erb'), + } +} diff --git a/modules/roles/templates/weblog_destination-authorized_keys.erb b/modules/roles/templates/weblog_destination-authorized_keys.erb new file mode 100644 index 000000000..dbce4a414 --- /dev/null +++ b/modules/roles/templates/weblog_destination-authorized_keys.erb @@ -0,0 +1,44 @@ +## +## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE. +## + +<%= +def getweblogsynckey(host) + key = nil + begin + facts = YAML.load(File.open("/var/lib/puppet/yaml/facts/#{host}.yaml").read) + return facts.values['weblogsync_key'] + rescue Exception => e + end + return key +end + +localinfo = scope.lookupvar('site::localinfo') +allnodeinfo = scope.lookupvar('site::allnodeinfo') + +mirrors = [] +localinfo.keys.sort.each do |node| + if localinfo[node]['weblog_provider'] + key = getstaticsynckey(node) + mirrors << { 'node' => node, 'addr' => allnodeinfo[node]['ipHostNumber'], 'key' => key} + end +end + +lines = [] +for m in mirrors: + lines << '# ' + m['node'] + if m['key'].nil? + lines << "# no key for node" + else + lines << "command=\"/srv/weblogs.debian.org/bin/ssh-wrap #{m['node']}\"," + + 'no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-user-rc,' + + 'from="' + m['addr'].join(',') + '" ' + + m['key'] + end +end + +lines.join("\n") +# vim:set et: +# vim:set sts=4 ts=4: +# vim:set shiftwidth=4: +%> -- 2.20.1