cleanup the merge
authormh <mh@immerda.ch>
Wed, 2 Jan 2013 20:13:41 +0000 (21:13 +0100)
committermh <mh@immerda.ch>
Wed, 2 Jan 2013 20:13:41 +0000 (21:13 +0100)
manifests/init.pp
manifests/signer.pp
manifests/sshserver.pp
manifests/sshserverdanger.pp

index 853aed70faf27f82def682a0d1311bbeecf95bb0..6885b45ad5590363622e8821b0ccad911c9ce45b 100644 (file)
@@ -36,44 +36,39 @@ class monkeysphere(
 
   $key = "ssh://${::fqdn}${port}"
 
-  common::module_dir { [ "monkeysphere", "monkeysphere/hosts", "monkeysphere/plugins" ]: }
+  common::module_dir { [ 'monkeysphere', 'monkeysphere/hosts', 'monkeysphere/plugins' ]: }
   file {
     '/usr/local/sbin/monkeysphere-check-key':
       ensure  => present,
       owner   => root,
       group   => root,
-      mode    => 0755,
+      mode    => '0755',
       content => "#!/bin/bash\n/usr/bin/gpg --homedir /var/lib/monkeysphere/host --list-keys '=${key}' &> /dev/null || false",
   }
 
   # Server host key publication
+  Exec{
+    unless  => '/usr/local/sbin/monkeysphere-check-key',
+    user    => 'root',
+    require => [ Package['monkeysphere'], File['/usr/local/sbin/monkeysphere-check-key'] ],
+  }
   case $monkeysphere::publish_key {
     false: {
-             exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ${key}":
-               unless  => "/usr/local/sbin/monkeysphere-check-key",
-               user    => "root",
-               require => [ Package["monkeysphere"], File["/usr/local/sbin/monkeysphere-check-key"] ],
-             }
-           }
+      exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ${key}": }
+    }
     'mail': {
-            $mail_loc = $::operatingsystem ? {
-               'centos' => '/bin/mail',
-               default => '/usr/bin/mail',
-            }
-            exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ${key} && \
-                    ${mail_loc} -s 'monkeysphere host pgp key for ${::fqdn}' root < /var/lib/monkeysphere/host_keys.pub.pgp":
-              unless  => "/usr/local/sbin/monkeysphere-check-key",
-              user    => "root",
-              require => [ Package["monkeysphere"], File["/usr/local/sbin/monkeysphere-check-key"] ],
-            }
-          }
+      $mail_loc = $::operatingsystem ? {
+        'centos' => '/bin/mail',
+        default => '/usr/bin/mail',
+      }
+      exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ${key} && \
+          ${mail_loc} -s 'monkeysphere host pgp key for ${::fqdn}' root < /var/lib/monkeysphere/host_keys.pub.pgp":
+      }
+    }
     default: {
-            exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ${key} && \
-                    /usr/sbin/monkeysphere-host publish-key":
-              unless  => "/usr/local/sbin/monkeysphere-check-key",
-              user    => "root",
-              require => [ Package["monkeysphere"], File["/usr/local/sbin/monkeysphere-check-key"] ],
-            }
-          }
+      exec { "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ${key} && \
+          echo Y | /usr/sbin/monkeysphere-host publish-key":
+      }
+    }
   }
 }
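Review bot: The new `Exec{ ... }` default block applies to every exec evaluated in this scope, and because Puppet resource defaults are dynamically scoped they can also reach execs in classes first declared from `monkeysphere`. An unrelated exec that picks up `unless => '/usr/local/sbin/monkeysphere-check-key'` would be skipped silently once the host key exists. Keeping `unless`, `user` and `require` on the three key-publication execs themselves, or moving those execs into a small class of their own, keeps the guard where it belongs. Separately, the guard only tests that the key is in the host keyring, so if the `publish-key` or mail step after `&&` fails, later runs will not retry it. The class body starts outside the hunk.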
index 350b4be290b730837f2313f5937c9c422fc153b9..cfbe46d94b300bf24385d941c46dd29b9a576593 100644 (file)
@@ -1,4 +1,5 @@
-class monkeysphere::signer inherits monkeysphere
-{
+# collect all the host keys
+class monkeysphere::signer {
+  include monkeysphere
   File <<| tag == 'monkeysphere-host' |>>
 }
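Review bot: The added comment `# collect all the host keys` does not say where the keys come from or that the collector matches on the tag alone. `File <<| tag == 'monkeysphere-host' |>>` realizes every exported File resource carrying that tag, not only those from this module. I would write something like `# realize the host key files exported by monkeysphere::sshserver (tag 'monkeysphere-host') on this node`, so a reader knows which exporter this class trusts.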
index 966e13646235e2af4a6b65c50663b5e45d9c1aaa..43c0f6f2f873f83c92b0f12bb052187e2ecd4cb6 100644 (file)
@@ -1,29 +1,21 @@
-class monkeysphere::sshserver inherits monkeysphere
-{
-
-  exec {"import.hostkey":
-    command => "/usr/sbin/monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ssh://${fqdn} && echo Y | /usr/sbin/monkeysphere-host publish-key",
-    unless => "/usr/sbin/monkeysphere-host show-key",
-    user => root,
-    require => [ Package[ "monkeysphere" ] ],
-  }
-
-  if $monkeysphere_has_hostkey {
-    @@file { "/var/lib/puppet/modules/monkeysphere/hosts/${fqdn}":
-      ensure => present,
-      content => template("monkeysphere/host.erb" ),
-      require => [ Package[ "monkeysphere" ] ],
-      tag => 'monkeysphere-host',
+# include to export your ssh key
+class monkeysphere::sshserver {
+  include monkeysphere
+  if $::monkeysphere_has_hostkey {
+    @@file { "/var/lib/puppet/modules/monkeysphere/hosts/${::fqdn}":
+      ensure  => present,
+      content => template('monkeysphere/host.erb'),
+      require => Package['monkeysphere'],
+      tag     => 'monkeysphere-host',
     }
   }
 
-  file { "/etc/cron.d/update-monkeysphere-auth":
-    ensure => present,
-    source => "puppet:///modules/monkeysphere/etc/cron.d/update-monkeysphere-auth",
-    require => [ Package[ "monkeysphere" ] ],
-    mode => 0644,
-    owner => root,
-    group => root,
+  file{'/etc/cron.d/update-monkeysphere-auth':
+    ensure  => present,
+    source  => 'puppet:///modules/monkeysphere/etc/cron.d/update-monkeysphere-auth',
+    require => Package['monkeysphere'],
+    mode    => '0644',
+    owner   => root,
+    group   => root,
   }
-
 }
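Review bot: The exported file's path and the condition guarding it both come from agent-reported facts (`${::fqdn}` and `$::monkeysphere_has_hostkey`), and the resource is realized on whichever node includes `monkeysphere::signer`. Facts are whatever the agent sends, so the path written on the signer is only as trustworthy as the exporting host. Consider naming the file after a value the master verifies, such as the agent's certificate name, or validating the fqdn against a hostname pattern before it goes into the title. The content comes from `monkeysphere/host.erb`, which is not shown here, so the same question applies to whatever facts that template reads.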
index 7d7f12cfdcc3a3c489e441780d5694cc0521ca45..7ae6970c12912a5fe567a44c94473f7bf1ea48a5 100644 (file)
@@ -1,11 +1,11 @@
-class monkeysphere::sshserverdanger  inherits monkeysphere::sshserver 
-{
-  augeas { "sshd_config":
-    context => "/files/etc/ssh/sshd_config",
-    changes => [
-                "set AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u"
-                ],
-    notify => Service[ "ssh" ],
+# use this to authenticate with monkeysphere on ssh
+# you should not manage the sshd config as a whole
+# or at least put there the same key.
+class monkeysphere::sshserverdanger {
+  include monkeysphere::sshserver
+  augeas{'sshd_config':
+    context => '/files/etc/ssh/sshd_config',
+    changes => [ 'set AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u' ],
+    notify  => Service['ssh'],
   }
-
 }
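Review bot: The new header comment does not say what the danger is. The augeas change sets `AuthorizedKeysFile` to `/var/lib/monkeysphere/authorized_keys/%u` alone, so sshd would no longer read each user's own `~/.ssh/authorized_keys`, and logins depend on that directory being populated (presumably by the `update-monkeysphere-auth` cron job from `monkeysphere::sshserver`). I would spell that out, e.g. `# WARNING: replaces AuthorizedKeysFile; per-user ~/.ssh/authorized_keys is no longer read`. Also, `notify => Service['ssh']` needs a service with that title declared elsewhere in the catalog, and init.pp has a CentOS branch, where the daemon is usually named sshd.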