I wonder in how many ways this will blow up
diff --git a/modules/portforwarder/templates/authorized_keys.erb b/modules/portforwarder/templates/authorized_keys.erb
new file mode 100644 (file)
index 0000000..fe4ac47
--- /dev/null
@@ -0,0 +1,24 @@
+<%=
+config = YAML.load(File.open('/etc/puppet/modules/portforwarder/misc/config.yaml').read)
+config.each_pair do |sourcehost, services|
+       services.each do |service|
+               next if service['target_host'] != hostname
+
+               sshkey = nil
+               remote_ip = keyinfo[sourcehost][0]['ipHostNumber'].join(',')
+               forward_to_port = service['target_port']
+               local_bind = 127.0.0.2
+
+               lines << "# from #{sourcehost} on local port #{service['source_bind_port']}"
+               if remote_ip.nil? or forward_to_port.nil? or local_bind.nil?
+               #if sshkey.nil? or remote_ip.nil? or forward_to_port.nil? or local_bind.nil?
+                       lines << "# insufficient config values"
+               else
+                       #lines << "from=\"#{remote_ip}\",command=\"/bin/nc -s #{local_bind} 127.0.0.1 #{forward_to_port}\",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding #{sshkey}"
+                       lines << "#from=\"#{remote_ip}\",command=\"/bin/nc -s #{local_bind} 127.0.0.1 #{forward_to_port}\",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding <sshkey here>"
+               end
+       end
+end
+lines = []
+lines.join("\n")
+%>
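Review bot: The template cannot produce any entries as written: `local_bind = 127.0.0.2` is not a valid Ruby literal and should be the string `local_bind = '127.0.0.2'`, and `lines = []` sits after the loop, so the `lines <<` calls have nothing to append to and the result would be emptied anyway; move it above `config.each_pair`. Separately, once the `from=`/`command=` line is uncommented, `remote_ip` and `forward_to_port` go into an address restriction and a forced command with no validation, so a stray quote, space or newline in config.yaml or the `keyinfo` data would change what the key is allowed to do; coerce the port with `Integer(service['target_port'])` and check each address before joining. The `remote_ip.nil?` test cannot fire because `join` always returns a String, while a `sourcehost` missing from `keyinfo` raises on `keyinfo[sourcehost][0]` before the check is reached. `YAML.safe_load` would be the safer call for reading the config file, if the Ruby on the puppetmaster provides it.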