Diffstat (limited to 'modules')
-rw-r--r-- | modules/openssh/manifests/init.pp | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/modules/openssh/manifests/init.pp b/modules/openssh/manifests/init.pp index 18f921b1..38c6fdee 100644 --- a/modules/openssh/manifests/init.pp +++ b/modules/openssh/manifests/init.pp @@ -25,7 +25,9 @@ class openssh { } } - class ssh_keys_from_ldap inherits server { + # root account authorized_keys will be symlinked + # if you want to add symlink on other accounts, use $symlink_users parameter + class ssh_keys_from_ldap($symlink_users = false) inherits server { File ["/etc/ssh/sshd_config"] { content => template("openssh/sshd_config","openssh/sshd_config_ldap") @@ -56,6 +58,20 @@ class openssh { mode => 700, } + if $symlink_users { + file { "$pubkeys_directory/$symlink_users": + ensure => directory, + owner => $symlink_users, + group => $symlink_users, + mode => 700, + } + + file { "$pubkeys_directory/$symlink_users/authorized_keys": + ensure => "/home/$symlink_users/.ssh/authorized_keys", + mode => 700, + } + } + $sshkey2file = "/usr/local/bin/ldap-sshkey2file.py" $ldap_pwfile = "/etc/ldap.secret" file { $sshkey2file: |
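Review bot: The new `$symlink_users` parameter is plural and the comment speaks of "other accounts", but the second hunk interpolates it as one account name into `"$pubkeys_directory/$symlink_users"` and reuses it as `owner` and `group`, so a list would not produce one resource per user. Either rename it or state the contract in the comment, for example `# $symlink_users: a single account name (not a list); its key file is linked to /home/<name>/.ssh/authorized_keys`. The comment should also say that the linked account's keys are then no longer taken from LDAP, since that is the security-relevant effect of setting the parameter. The class body continues outside this hunk.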
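Review bot: The link `"$pubkeys_directory/$symlink_users/authorized_keys"` points into the account's own home directory, so for that account sshd accepts whatever keys are written to `/home/<name>/.ssh/authorized_keys` rather than what LDAP publishes. That looks intended, but it exempts the account from central key revocation and should be stated in a comment next to the `if $symlink_users` block. The containing directory is created with `owner => $symlink_users`, which lets the account replace the link itself; whether a root-owned directory that the account can only read would still satisfy sshd is worth confirming. `mode => 700` on the link resource is at best ignored and, depending on how this Puppet version handles links, may end up applied to the target file, where an executable bit is not wanted, so I would drop that line from the link resource. The `/home/` prefix is hard-coded, so an account whose home directory is elsewhere gets a dangling link and cannot log in with a key.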