ferm: change ferm.conf to a template

[dsa-puppet.git] / modules / portforwarder / templates / authorized_keys.erb

diff --git a/modules/portforwarder/templates/authorized_keys.erb b/modules/portforwarder/templates/authorized_keys.erb
index 985f367c7aaf3d094c06214b9b86ee094aad8ba7..063312a2f6008e5131fb8a05cce91dd14c0d04f2 100644 (file)
--- a/modules/portforwarder/templates/authorized_keys.erb
+++ b/modules/portforwarder/templates/authorized_keys.erb
@@ -4,6 +4,13 @@
 ##
 
 <%=
+
+require 'digest/sha1'
+def get_local_ip_addr(host)
+       hash = Digest::SHA1.digest(host)
+       return '127.101.%d.%d'%[hash[0].ord, hash[1].ord]
+end
+
 def getportforwarderkey(host)
        key = nil
        begin
@@ -29,8 +36,8 @@ config.each_pair do |sourcehost, services|
 
        if allowed_ports.length > 0
                sshkey = getportforwarderkey(sourcehost)
-               remote_ip = keyinfo[sourcehost]['ipHostNumber'].join(',')
-               local_bind = '127.101.%d.%d'%[ (sourcehost.hash / 256 % 256), sourcehost.hash % 256 ]
+               remote_ip = scope.lookupvar('site::allnodeinfo')[sourcehost]['ipHostNumber'].join(',')
+               local_bind = get_local_ip_addr(sourcehost)
 
                lines << "# from #{sourcehost}"
                if sshkey.nil? or remote_ip.nil? or local_bind.nil?