Defined Type: sshkeys::install_keypair

Defined in:
manifests/install_keypair.pp

Overview

Download a public/private SSH keypair from the Puppet Master and copy it to the ~/.ssh directory for the specified user.

Parameters

[title] Identifies the key to copy from the Puppet Master to the local machine. Must be in the form user@host. As well as specifying the keypair to copy from the Puppet Master, the title also denotes the local system user to install the keys for.

[ensure] Whether a keypair should be present or absent.

[source] File on the Puppet Master to source the private key from. The filename of the public key is computed by appending .pub to this string. This is normally derived fully from the sshkeys::params class and the resource title, so it is not normally needed.

[ssh_dir] Overrides the default SSH directory of /home/$user/.ssh.

Parameters:

  • ensure (Any) (defaults to: present)
  • source (Any) (defaults to: $title)
  • ssh_dir (Any) (defaults to: false)

# File 'manifests/install_keypair.pp', line 22

define sshkeys::install_keypair(
    $ensure   = present,
    $source   = $title,
    $ssh_dir  = false,
) {

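  # The title must contain user@host. The pattern is unanchored, so it only
  # requires a word@word substring somewhere in the title.
  if $title =~ /\w+@\w+/ {
    $split_title = split($title, "@")
    $user = $split_title[0]
    $host = $split_title[1]

    # Resource defaults for the file resources declared in this define:
    # owned by the target user and accessible to the owner only.
    File {
      owner => $user,
      group => $user,
      mode  => "0600",
    }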

    if $ssh_dir {
      $_ssh_dir = $ssh_dir
    } else {
      $_ssh_dir = "/home/${user}/.ssh"
    }
  } else {
    fail("requested key '${title}' is not in the correct format - should be user@host")
  }


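  # Manage the SSH directory unless it is already declared elsewhere in the
  # catalog. It inherits the File defaults above; for directories Puppet adds
  # the search (x) bit wherever the read bit is set.
  if ! defined(File[$_ssh_dir]) {
    file { $_ssh_dir:
      ensure => directory,
    }
  }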


  # private key
  file { "${_ssh_dir}/${name}":
    ensure  => $ensure,
    content => sshkeys::sshkey($source),
  }

  # public key
  file { "${_ssh_dir}/${name}.pub":
    ensure  => $ensure,
    content => sshkeys::sshkey($source, true),
  }
}
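
The title check in the manifest above, modelled in Ruby (Puppet regular expressions use Ruby syntax) as an added example that is not part of the sshkeys module: it shows which titles the manifest's unanchored pattern accepts, the paths they produce, and an anchored alternative. `STRICT_PATTERN`, the helper names and the sample titles are assumptions constructed for illustration.

```ruby
# Added example: models the title handling of sshkeys::install_keypair.
# PAGE_PATTERN is the regex from the manifest. STRICT_PATTERN is an assumed,
# stricter alternative and is not the module's own code.
PAGE_PATTERN   = /\w+@\w+/
# \A and \z anchor to the whole string (in Ruby, ^ and $ only anchor to lines).
STRICT_PATTERN = /\A[a-z_][a-z0-9_-]*@[A-Za-z0-9][A-Za-z0-9.-]*\z/

# Mirrors the manifest: split on "@", derive the default SSH directory, and
# build the two file paths that the full resource title is interpolated into.
def derive_paths(title, ssh_dir = nil)
  user, _host = title.split('@')
  dir = ssh_dir || "/home/#{user}/.ssh"
  { user: user, ssh_dir: dir,
    private_key: "#{dir}/#{title}", public_key: "#{dir}/#{title}.pub" }
end

# Returns the derived paths, or nil when the title fails the pattern
# (the point at which the manifest calls fail()).
def check_title(title, pattern, ssh_dir = nil)
  return nil unless title =~ pattern
  derive_paths(title, ssh_dir)
end

# Constructed sample titles: two well-formed, three malformed.
SAMPLES = [
  'deploy@web01',
  'deploy@web01.example.com',
  'ops/deploy@web01',
  'deploy@web01@db01',
  'deploy'
].freeze

# For each sample: [title, accepted by PAGE_PATTERN?, accepted by STRICT_PATTERN?]
def report
  SAMPLES.map do |t|
    [t, !check_title(t, PAGE_PATTERN).nil?, !check_title(t, STRICT_PATTERN).nil?]
  end
end

if __FILE__ == $PROGRAM_NAME
  report.each do |t, page, strict|
    puts format('%-28s page=%-5s strict=%s', t.inspect, page, strict)
  end
  # Users whose home is not under /home need ssh_dir set explicitly.
  p check_title('root@web01', STRICT_PATTERN, '/root/.ssh')
end
```

In a manifest, the equivalent of the stricter check would be an anchored pattern in the `if $title =~ ...` condition.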