[MediaWiki-commits] [Gerrit] ssh::userkey: Allow a prefix to be specified for a key - change (operations/puppet)

[Alexandros Kosiaris (Code Review)]

Alexandros Kosiaris has submitted this change and it was merged.

Change subject: ssh::userkey: Allow a prefix to be specified for a key
......................................................................


ssh::userkey: Allow a prefix to be specified for a key

Allow to specify a prefix for a managed key that if defined, will be
prepended to the filename of the key allowing to populate specific
purpose keys.

Change-Id: I4c6292df03ebc3ac933226207f0e074775c8bbd3
---
M modules/ssh/manifests/userkey.pp
1 file changed, 23 insertions(+), 2 deletions(-)

Approvals:
  Alexandros Kosiaris: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/modules/ssh/manifests/userkey.pp b/modules/ssh/manifests/userkey.pp
index 43d90aa..f663121 100644
--- a/modules/ssh/manifests/userkey.pp
+++ b/modules/ssh/manifests/userkey.pp
@@ -23,6 +23,12 @@
 #   Path to file containing configuration directives. Undefined by
 #   default. Mutually exclusive with 'content'.
 #
+# [*skey*]
+#   If defined, a supplemental key for a user will be defined. The key will be
+#   stored in a file named ${user}.d/skey. ${user.d} will be created as well if
+#   it is not already defined. You probably don't want to use this for most
+#   cases.
+#
 # === Examples
 #
 #  ssh::userkey { 'john'
@@ -30,10 +36,10 @@
 #    source => 'puppet:///files/admin/ssh/john-rsa',
 #  }
 #
-
 define ssh::userkey(
   $ensure  = present,
   $user    = $title,
+  $skey    = undef,
   $source  = undef,
   $content = undef,
 
@@ -46,7 +52,22 @@
         fail('"source" and "content" are mutually exclusive')
     }
 
-    file { "/etc/ssh/userkeys/${user}":
+    if $skey {
+        if !defined(File["/etc/ssh/userkeys/${user}.d/"]) {
+            file { "/etc/ssh/userkeys/${user}.d/":
+                ensure  => $directory,
+                force   => true,
+                owner   => 'root',
+                group   => 'root',
+                mode    => '0755',
+            }
+        }
+        $path = "/etc/ssh/userkeys/${user}.d/${skey}"
+    } else {
+        $path = "/etc/ssh/userkeys/${user}"
+    }
+
+    file { $path:
         ensure  => $ensure,
         force   => true,
         owner   => 'root',

-- 
To view, visit https://gerrit.wikimedia.org/r/202731
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I4c6292df03ebc3ac933226207f0e074775c8bbd3
Gerrit-PatchSet: 7
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Alexandros Kosiaris <akosia...@wikimedia.org>
Gerrit-Reviewer: Alexandros Kosiaris <akosia...@wikimedia.org>
Gerrit-Reviewer: Faidon Liambotis <fai...@wikimedia.org>
Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits