diff options
Diffstat (limited to 'external/sshkeys/manifests/setup_key_master.pp')
-rw-r--r-- | external/sshkeys/manifests/setup_key_master.pp | 32 |
1 files changed, 16 insertions, 16 deletions
diff --git a/external/sshkeys/manifests/setup_key_master.pp b/external/sshkeys/manifests/setup_key_master.pp index d87e20cb..9dcd5f86 100644 --- a/external/sshkeys/manifests/setup_key_master.pp +++ b/external/sshkeys/manifests/setup_key_master.pp @@ -15,21 +15,21 @@ define sshkeys::setup_key_master ( File { owner => puppet, group => puppet, - mode => 600, + mode => '0600', } $keydir = "${sshkeys::var::keymaster_storage}/${title}" $keyfile = "${keydir}/key" file { - "$keydir": + "${keydir}": ensure => directory, - mode => 644; - "$keyfile": + mode => '0644'; + "${keyfile}": ensure => $ensure; "${keyfile}.pub": ensure => $ensure, - mode => 644; + mode => '0644'; } if $ensure == "present" { @@ -46,26 +46,26 @@ define sshkeys::setup_key_master ( $reason = "force=true" } if !$reason and $mindate and - generate("/usr/bin/find", $keyfile, "!", "-newermt", "${mindate}") { + generate("/usr/bin/find", $keyfile, "!", "-newermt", "${mindate}") { $reason = "created before ${mindate}" } if !$reason and $maxdays and - generate("/usr/bin/find", $keyfile, "-mtime", "+${maxdays}") { + generate("/usr/bin/find", $keyfile, "-mtime", "+${maxdays}") { $reason = "older than ${maxdays} days" } if !$reason and $keycontent =~ /^ssh-... [^ ]+ (...) (\d+)$/ { if $keytype != $1 { - $reason = "keytype changed: $1 -> $keytype" - } else { - if $length != $2 { - $reason = "length changed: $2 -> $length" - } - } + $reason = "keytype changed: ${1} -> ${keytype}" + } else { + if $length != $2 { + $reason = "length changed: ${2} -> ${length}" + } + } } if $reason { exec { "Revoke previous key ${title}: ${reason}": - command => "rm $keyfile ${keyfile}.pub", - before => Exec["Create key $title: $keytype, $length bits"], + command => "rm ${keyfile} ${keyfile}.pub", + before => Exec["Create key ${title}: ${keytype}, ${length} bits"], } } } @@ -75,7 +75,7 @@ define sshkeys::setup_key_master ( # store data about the key, i.e. $keytype and $length. This avoids # having to rerun ssh-keygen -l on every key at every run to determine # the key length. - exec { "Create key $title: $keytype, $length bits": + exec { "Create key ${title}: ${keytype}, ${length} bits": command => "ssh-keygen -t ${keytype} -b ${length} -f ${keyfile} -C \"${keytype} ${length}\" -N \"\"", user => "puppet", group => "puppet", |