create authorized_keys for wb-buildd

[dsa-puppet.git] / modules / roles / templates / buildd_master_wb-authorized_keys.erb

diff --git a/modules/roles/templates/buildd_master_wb-authorized_keys.erb b/modules/roles/templates/buildd_master_wb-authorized_keys.erb
new file mode 100644 (file)
index 0000000..67267c9
--- /dev/null
+++ b/modules/roles/templates/buildd_master_wb-authorized_keys.erb
@@ -0,0 +1,42 @@
+##
+## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
+##
+
+<%=
+def getbuilddkey(host)
+    key = nil
+    begin
+        facts = YAML.load(File.open("/var/lib/puppet/yaml/facts/#{host}.yaml").read)
+        return facts.values['buildd_key']
+    rescue Exception => e
+    end
+    return key
+end
+
+allnodeinfo = scope.lookupvar('site::allnodeinfo')
+roles = scope.lookupvar('site::roles')
+
+mirrors = []
+roles['buildd'].each do |node|
+        key = getbuilddkey(node)
+        mirrors << { 'node' => node, 'addr' => allnodeinfo[node]['ipHostNumber'], 'key' => key}
+end
+
+lines = []
+for m in mirrors do
+    lines << '# ' + m['node']
+    if m['key'].nil?
+        lines << "# no key for node"
+    else
+        lines << "command=\"/srv/wanna-build/bin/wanna-build --ssh-wrapper  #{m['node']}\"," +
+                 'no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-user-rc,' +
+                 'from="' + m['addr'].join(',') + '" ' +
+                 m['key']
+    end
+end
+
+lines.join("\n")
+# vim:set et:
+# vim:set sts=4 ts=4:
+# vim:set shiftwidth=4:
+%>