diff options
-rw-r--r-- | external/sshkeys/manifests/create_key.pp | 2 | ||||
-rw-r--r-- | external/sshkeys/manifests/init.pp | 4 | ||||
-rw-r--r-- | external/sshkeys/manifests/keymaster.pp | 2 | ||||
-rw-r--r-- | external/sshkeys/manifests/namecheck.pp | 4 | ||||
-rw-r--r-- | external/sshkeys/manifests/set_authorized_keys.pp | 28 | ||||
-rw-r--r-- | external/sshkeys/manifests/set_client_key_pair.pp | 8 | ||||
-rw-r--r-- | external/sshkeys/manifests/setup_key_master.pp | 32 | ||||
-rw-r--r-- | external/sshkeys/manifests/var.pp | 2 |
8 files changed, 41 insertions, 41 deletions
diff --git a/external/sshkeys/manifests/create_key.pp b/external/sshkeys/manifests/create_key.pp index ff89a8a7..23a74e8c 100644 --- a/external/sshkeys/manifests/create_key.pp +++ b/external/sshkeys/manifests/create_key.pp @@ -14,7 +14,7 @@ define sshkeys::create_key ( $_length = $keytype ? { "rsa" => $length, "dsa" => 1024 } sshkeys::namecheck { "${title}-filename": - parm => "filename", + parm => "filename", value => $_filename, } diff --git a/external/sshkeys/manifests/init.pp b/external/sshkeys/manifests/init.pp index bcec1847..4ab92bff 100644 --- a/external/sshkeys/manifests/init.pp +++ b/external/sshkeys/manifests/init.pp @@ -1,2 +1,2 @@ -class sshkeys {
-}
+class sshkeys { +} diff --git a/external/sshkeys/manifests/keymaster.pp b/external/sshkeys/manifests/keymaster.pp index c5013b13..3fc2a1fb 100644 --- a/external/sshkeys/manifests/keymaster.pp +++ b/external/sshkeys/manifests/keymaster.pp @@ -6,7 +6,7 @@ class sshkeys::keymaster { ensure => directory, owner => puppet, group => puppet, - mode => 644, + mode => '0644', } # Realize all virtual master keys Sshkeys::Setup_key_master <| |> diff --git a/external/sshkeys/manifests/namecheck.pp b/external/sshkeys/manifests/namecheck.pp index ad3d1c70..52c6e51f 100644 --- a/external/sshkeys/manifests/namecheck.pp +++ b/external/sshkeys/manifests/namecheck.pp @@ -4,9 +4,9 @@ define sshkeys::namecheck ( $value ) { if $value !~ /^[A-Za-z0-9]/ { - fail("sshkeys::key: $parm '$value' not allowed: must begin with a letter or digit") + fail("sshkeys::key: ${parm} '${value}' not allowed: must begin with a letter or digit") } if $value !~ /^[A-Za-z0-9_.:@-]+$/ { - fail("sshkeys::key: $parm '$value' not allowed: may only contain the characters A-Za-z0-9_.:@-") + fail("sshkeys::key: ${parm} '${value}' not allowed: may only contain the characters A-Za-z0-9_.:@-") } } diff --git a/external/sshkeys/manifests/set_authorized_keys.pp b/external/sshkeys/manifests/set_authorized_keys.pp index 6bbbb1b5..894f8069 100644 --- a/external/sshkeys/manifests/set_authorized_keys.pp +++ b/external/sshkeys/manifests/set_authorized_keys.pp @@ -20,7 +20,7 @@ define sshkeys::set_authorized_keys ( owner => $user, group => $group ? { "" => $user, default => $group }, require => User[$user], - mode => 600, + mode => '0600', } Ssh_authorized_key { user => $user, @@ -35,23 +35,23 @@ define sshkeys::set_authorized_keys ( $key_src_content = file($key_src_file, "/dev/null") if ! $key_src_content { notify { - "Public key file $key_src_file for key $_keyname not found on keymaster; skipping ensure => present": + "Public key file ${key_src_file} for key ${_keyname} not found on keymaster; skipping ensure => present": } } else { if $ensure == "present" and $key_src_content !~ /^(ssh-...) ([^ ]*)/ { - err("Can't parse public key file $key_src_file") - notify { - "Can't parse public key file $key_src_file for key $_keyname on the keymaster: skipping ensure => $ensure": - } + err("Can't parse public key file ${key_src_file}") + notify { + "Can't parse public key file ${key_src_file} for key ${_keyname} on the keymaster: skipping ensure => ${ensure}": + } } else { - $keytype = $1 - $modulus = $2 - ssh_authorized_key { $title: - ensure => "present", - type => $keytype, - key => $modulus, - options => $options ? { "" => undef, default => $options }, - } + $keytype = $1 + $modulus = $2 + ssh_authorized_key { $title: + ensure => "present", + type => $keytype, + key => $modulus, + options => $options ? { "" => undef, default => $options }, + } } } } diff --git a/external/sshkeys/manifests/set_client_key_pair.pp b/external/sshkeys/manifests/set_client_key_pair.pp index 4cb4281e..27780eb4 100644 --- a/external/sshkeys/manifests/set_client_key_pair.pp +++ b/external/sshkeys/manifests/set_client_key_pair.pp @@ -11,7 +11,7 @@ define sshkeys::set_client_key_pair ( File { owner => $user, group => $group ? { '' => $user, default => $group }, - mode => 600, + mode => '0600', require => [ User[$user], File[$home]], } @@ -30,10 +30,10 @@ define sshkeys::set_client_key_pair ( content => file($key_src_file, "/dev/null"); "${key_tgt_file}.pub": ensure => $ensure, - content => "$keytype $modulus $title\n", - mode => 644; + content => "${keytype} ${modulus} ${title}\n", + mode => '0644'; } } else { - notify { "Private key file $key_src_file for key $title not found on keymaster; skipping ensure => present": } + notify { "Private key file ${key_src_file} for key ${title} not found on keymaster; skipping ensure => present": } } } diff --git a/external/sshkeys/manifests/setup_key_master.pp b/external/sshkeys/manifests/setup_key_master.pp index d87e20cb..9dcd5f86 100644 --- a/external/sshkeys/manifests/setup_key_master.pp +++ b/external/sshkeys/manifests/setup_key_master.pp @@ -15,21 +15,21 @@ define sshkeys::setup_key_master ( File { owner => puppet, group => puppet, - mode => 600, + mode => '0600', } $keydir = "${sshkeys::var::keymaster_storage}/${title}" $keyfile = "${keydir}/key" file { - "$keydir": + "${keydir}": ensure => directory, - mode => 644; - "$keyfile": + mode => '0644'; + "${keyfile}": ensure => $ensure; "${keyfile}.pub": ensure => $ensure, - mode => 644; + mode => '0644'; } if $ensure == "present" { @@ -46,26 +46,26 @@ define sshkeys::setup_key_master ( $reason = "force=true" } if !$reason and $mindate and - generate("/usr/bin/find", $keyfile, "!", "-newermt", "${mindate}") { + generate("/usr/bin/find", $keyfile, "!", "-newermt", "${mindate}") { $reason = "created before ${mindate}" } if !$reason and $maxdays and - generate("/usr/bin/find", $keyfile, "-mtime", "+${maxdays}") { + generate("/usr/bin/find", $keyfile, "-mtime", "+${maxdays}") { $reason = "older than ${maxdays} days" } if !$reason and $keycontent =~ /^ssh-... [^ ]+ (...) (\d+)$/ { if $keytype != $1 { - $reason = "keytype changed: $1 -> $keytype" - } else { - if $length != $2 { - $reason = "length changed: $2 -> $length" - } - } + $reason = "keytype changed: ${1} -> ${keytype}" + } else { + if $length != $2 { + $reason = "length changed: ${2} -> ${length}" + } + } } if $reason { exec { "Revoke previous key ${title}: ${reason}": - command => "rm $keyfile ${keyfile}.pub", - before => Exec["Create key $title: $keytype, $length bits"], + command => "rm ${keyfile} ${keyfile}.pub", + before => Exec["Create key ${title}: ${keytype}, ${length} bits"], } } } @@ -75,7 +75,7 @@ define sshkeys::setup_key_master ( # store data about the key, i.e. $keytype and $length. This avoids # having to rerun ssh-keygen -l on every key at every run to determine # the key length. - exec { "Create key $title: $keytype, $length bits": + exec { "Create key ${title}: ${keytype}, ${length} bits": command => "ssh-keygen -t ${keytype} -b ${length} -f ${keyfile} -C \"${keytype} ${length}\" -N \"\"", user => "puppet", group => "puppet", diff --git a/external/sshkeys/manifests/var.pp b/external/sshkeys/manifests/var.pp index 16b1c03e..13f6992e 100644 --- a/external/sshkeys/manifests/var.pp +++ b/external/sshkeys/manifests/var.pp @@ -1,4 +1,4 @@ class sshkeys::var( - $keymaster_storage = "/var/lib/puppet-sshkeys" + $keymaster_storage = '/var/lib/puppet-sshkeys' ) { } |