5dd814871a
Currently ssh_authorized_key has some logic about $user being false or '', but it sets its value to default to 'root'. So, in order to use the name as the user's name, one has to clear the user parameter, which is totally redundant. Since it is sometimes useful to publish multiple keys for a user, the $user parameter is useful. To make using ssh_authorized_key for one-key normal users simpler, make $user default to being empty (which will use $name as the user name). 'root' can always be specified either via the name or by the $user paramter. Signed-off-by: Gabriel Filion <lelutin@gmail.com>
48 lines
1,021 B
Puppet
48 lines
1,021 B
Puppet
# wrapper to have some defaults.
|
|
define sshd::ssh_authorized_key(
|
|
$ensure = 'present',
|
|
$type = 'ssh-dss',
|
|
$key = 'absent',
|
|
$user = '',
|
|
$target = undef,
|
|
$options = 'absent'
|
|
){
|
|
|
|
if ($ensure=='present') and ($key=='absent') {
|
|
fail("You have to set \$key for Sshd::Ssh_authorized_key[${name}]!")
|
|
}
|
|
|
|
$real_user = $user ? {
|
|
false => $name,
|
|
'' => $name,
|
|
default => $user,
|
|
}
|
|
|
|
case $target {
|
|
undef,'': {
|
|
case $real_user {
|
|
'root': { $real_target = '/root/.ssh/authorized_keys' }
|
|
default: { $real_target = "/home/${real_user}/.ssh/authorized_keys" }
|
|
}
|
|
}
|
|
default: {
|
|
$real_target = $target
|
|
}
|
|
}
|
|
ssh_authorized_key{$name:
|
|
ensure => $ensure,
|
|
type => $type,
|
|
key => $key,
|
|
user => $real_user,
|
|
target => $real_target,
|
|
}
|
|
|
|
case $options {
|
|
'absent': { info("not setting any option for ssh_authorized_key: $name") }
|
|
default: {
|
|
Ssh_authorized_key[$name]{
|
|
options => $options,
|
|
}
|
|
}
|
|
}
|
|
}
|