Remove unmanaged ssh keys
[cacert-puppet.git] / sitemodules / profiles / manifests / base.pp
index d1d709b..dcc2cc1 100644 (file)
@@ -41,15 +41,18 @@ class profiles::base (
       ensure => present,
     } ->
     user { $user['username']:
-      ensure   => present,
-      comment  => $user['fullname'],
-      gid      => $user['username'],
-      groups   => ['sudo', 'adm'],
-      password => $user['password'],
-      uid      => $user['uid'],
+      ensure         => present,
+      comment        => $user['fullname'],
+      gid            => $user['username'],
+      groups         => ['sudo', 'adm'],
+      password       => $user['password'],
+      uid            => $user['uid'],
+      purge_ssh_keys => true,
     }
     $user['ssh_keys'].each |Hash[String, Data] $keydata| {
-        ssh_authorized_key { "$user['username']@$keydata['name']":
+       $osusername = $user['username']
+       $keyname    = $keydata['name']
+        ssh_authorized_key { "${osusername}@${keyname}":
             ensure  => present,
             user    => $user['username'],
             type    => $keydata['type'],