updates to work with mfpl monkeysphere setup

diff --git a/manifests/init.pp b/manifests/init.pp
index a4e60ad3cbacf5f74b25685f5e96a4cc4cb8eb3b..d87323701bd27629911a53b27164ef31332c5f9a 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,7 +1,7 @@
 # This module is distributed under the GNU Affero General Public License:
 # 
 # Monkeysphere module for puppet
-# Copyright (C) 2009 Sarava Group
+# Copyright (C) 2009-2010 Sarava Group
 # 
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as
@@ -23,29 +23,53 @@ class monkeysphere {
   # The needed packages
   package { monkeysphere: ensure => installed, }
 
-  $ssh_port = $monkeysphere_ssh_port ? {
-    ''      => '',
-    default => ":$monkeysphere_ssh_port",
+}
+
+class monkeysphere::import_key inherits monkeysphere {
+  $key = "ssh://${fqdn}"
+  # Server host key import 
+  exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key $key":
+       user    => "root",
+       unless => "/usr/sbin/monkeysphere-host s | grep $key"
   }
+}
 
-  $key = "ssh://${fqdn}${ssh_port}"
+# Server host key publication
+class monkeysphere::publish_key inherits monkeysphere { 
+  exec { "MONKEYSPHERE_PROMPT=false $keyserver_arg /usr/sbin/monkeysphere-host publish-key":
+       user    => "root",
+  }
+}
 
-  # Server host key publication
-  case $monkeysphere_publish_key {
-    false: {
-             exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key $key":
-               unless  => "/usr/bin/gpg --homedir /var/lib/monkeysphere/host --list-keys '=$key' &> /dev/null",
-               user    => "root",
-               require => Package["monkeysphere"],
-             }
-           }
-    default: {
-            exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key $key && \
-                    /usr/sbin/monkeysphere-host publish-key":
-              unless  => "/usr/bin/gpg --homedir /var/lib/monkeysphere/host --list-keys '=$key' &> /dev/null",
-              user    => "root",
-              require => Package["monkeysphere"],
-            }
-          }
+# add certifiers
+define monkeysphere::add_certifiers( $keyid ) {
+  exec { "/usr/sbin/monkeysphere-authentication add-id-certifier $keyid":
+       environment => "MONKEYSPHERE_PROMPT=false",
+       user    => "root",
+       require => [ Package["monkeysphere"] ],
+       unless => "/usr/sbin/monkeysphere-authentication list-id-certifiers | grep $keyid"
+  }
+}
+define monkeysphere::root_authorized_user_ids( $file ) {
+  file {
+    "/root/.monkeysphere":
+      owner => "root",
+      group => "root",
+      mode => 755,
+      ensure => directory,
+  }
+  file {
+    "/root/.monkeysphere/authorized_user_ids":
+      owner => "root",
+      group => "root",
+      mode => 644,
+      source => "$file",
+      ensure => present,
+      recurse => true,
+  }
+  exec { "/usr/sbin/monkeysphere-authentication update-users root":
+       user    => "root",
+       require => [ Package["monkeysphere"] ],
+        onlyif => "/usr/bin/test /root/.monkeysphere/authorized_user_ids -nt /var/lib/monkeysphere/authorized_keys/root" 
   }
 }