Manage authorized ssh keys for admins

author: Jan Dittberner <jan@dittberner.info> 2017-04-13 14:20:21 +0200
committer: Jan Dittberner <jan@dittberner.info> 2017-04-13 14:20:21 +0200
commit: fafe4249785f0f727eca73f7ae270f601cba75c1 (patch)
tree: 810b466df099f08e9adb912577d4d8e41ff17f45 /sitemodules
parent: 37bfcf2c85c8da95b1898f5fb750a012e5638416 (diff)
download: cacert-puppet-fafe4249785f0f727eca73f7ae270f601cba75c1.tar.gz
cacert-puppet-fafe4249785f0f727eca73f7ae270f601cba75c1.tar.xz
cacert-puppet-fafe4249785f0f727eca73f7ae270f601cba75c1.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/sitemodules/profiles/manifests/base.pp b/sitemodules/profiles/manifests/base.pp
index 961cbb8..d1d709b 100644
--- a/sitemodules/profiles/manifests/base.pp
+++ b/sitemodules/profiles/manifests/base.pp
@@ -48,6 +48,15 @@ class profiles::base (
       password => $user['password'],
       uid      => $user['uid'],
     }
+    $user['ssh_keys'].each |Hash[String, Data] $keydata| {
+        ssh_authorized_key { "$user['username']@$keydata['name']":
+            ensure  => present,
+            user    => $user['username'],
+            type    => $keydata['type'],
+            key     => $keydata['key'],
+            require => User[$user['username']],
+        }
+    }
   }
 
   file { '/etc/init.d/puppet':
author	Jan Dittberner <jan@dittberner.info>	2017-04-13 14:20:21 +0200
committer	Jan Dittberner <jan@dittberner.info>	2017-04-13 14:20:21 +0200
commit	fafe4249785f0f727eca73f7ae270f601cba75c1 (patch)
tree	810b466df099f08e9adb912577d4d8e41ff17f45 /sitemodules
parent	37bfcf2c85c8da95b1898f5fb750a012e5638416 (diff)
download	cacert-puppet-fafe4249785f0f727eca73f7ae270f601cba75c1.tar.gz cacert-puppet-fafe4249785f0f727eca73f7ae270f601cba75c1.tar.xz cacert-puppet-fafe4249785f0f727eca73f7ae270f601cba75c1.zip