summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormh <mh@immerda.ch>2015-02-14 14:25:32 (GMT)
committermh <mh@immerda.ch>2015-02-14 14:25:32 (GMT)
commite2c7105d7831580917be2b3f0612b244093552b0 (patch)
treefd19c9000a3b323c9836d450070267cd58de9695
parent5442c14961e2e167985fe10cbf722a6ccc3f700a (diff)
manage root keys if any are defined
-rw-r--r--ib_yum/manifests/init.pp2
-rw-r--r--ibox/manifests/init.pp1
-rw-r--r--ibox/manifests/lib/root_user.pp15
-rw-r--r--ibox/manifests/systems/base.pp5
4 files changed, 22 insertions, 1 deletions
diff --git a/ib_yum/manifests/init.pp b/ib_yum/manifests/init.pp
index ac412a0..ef1cabf 100644
--- a/ib_yum/manifests/init.pp
+++ b/ib_yum/manifests/init.pp
@@ -2,7 +2,7 @@
class ib_yum(
$elrepo_enable = false,
) {
- stage{'yum': } -> Stage['setup']
+ Stage['root'] -> stage{'yum': } -> Stage['setup']
class {
'yum':
manage_munin => $ibox::use_munin,
diff --git a/ibox/manifests/init.pp b/ibox/manifests/init.pp
index b17aa8f..5c3f4ec 100644
--- a/ibox/manifests/init.pp
+++ b/ibox/manifests/init.pp
@@ -7,6 +7,7 @@ class ibox(
$types = [],
) {
+ $root_keys = hiera_hash('ibox::root_keys',{})
include ibox::systems::base
case $::kernel {
diff --git a/ibox/manifests/lib/root_user.pp b/ibox/manifests/lib/root_user.pp
new file mode 100644
index 0000000..1ca4921
--- /dev/null
+++ b/ibox/manifests/lib/root_user.pp
@@ -0,0 +1,15 @@
+# manage root user
+class ibox::lib::root_user {
+ # manage root user
+ user{'root':
+ home => '/root',
+ }
+ if !empty($ibox::root_keys) {
+ $purge_keys = true
+
+ create_resources('sshd::authorized_key',$ibox::root_keys,{ user => 'root' })
+ User['root']{
+ purge_ssh_keys => true
+ }
+ }
+}
diff --git a/ibox/manifests/systems/base.pp b/ibox/manifests/systems/base.pp
index 7f092c2..364cc8a 100644
--- a/ibox/manifests/systems/base.pp
+++ b/ibox/manifests/systems/base.pp
@@ -31,4 +31,9 @@ class ibox::systems::base {
if $ibox::use_munin {
include ib_munin::client
}
+
+ stage{'root': } -> Stage['setup']
+ class{'ibox::lib::root_user':
+ stage => 'root',
+ }
}