diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2021-12-29 21:39:50 +0100 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2021-12-29 21:40:46 +0100 |
| commit | d85199505c9ce77cd5824c7593a3ee4c8ed8a266 (patch) | |
| tree | 4fa2fe5c3beacf138e7a6b334420684362669c71 | |
| parent | Move cgit conf to hiera. (diff) | |
| download | webdav_server-d85199505c9ce77cd5824c7593a3ee4c8ed8a266.tar.gz webdav_server-d85199505c9ce77cd5824c7593a3ee4c8ed8a266.tar.xz | |
Automatic ssh keys.
| -rw-r--r-- | modules/ssh/manifests/init.pp | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/modules/ssh/manifests/init.pp b/modules/ssh/manifests/init.pp index 8db8eef..8a50ef1 100644 --- a/modules/ssh/manifests/init.pp +++ b/modules/ssh/manifests/init.pp @@ -1,5 +1,6 @@ class ssh ( Variant[Enum['prohibit-password'], Boolean] $permit_root_login = false, + Array[String] $authorized_keys = [], ) { $pkgs = $facts['os']['family'] ? { @@ -22,6 +23,20 @@ class ssh ( match => '^#? *PermitRootLogin ', } + file { '/root/.ssh': + ensure => directory, + } + + file { '/root/.ssh/authorized_keys': + ensure => file, + } + + $authorized_keys.each |$key| { + file_line { "Authorize ssh key ${key}": + path => '/root/.ssh/authorized_keys', + line => $key, + } + } # file { '/etc/ssh/sshd_config': # ensure => file, |