X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=modules%2Fssh%2Ftemplates%2Fauthorized_keys.erb;h=a37c0c683332cacf68bfa32be4bbe94efb9ef406;hb=f79ea6dfc8236090b64955613e959f6a6e710536;hp=a955b6b0bef15d8bcdd8cc0acd8ff697479c4fe7;hpb=dc0958ea03bbfddfac2c025bdbafa8ef6e238dbf;p=dsa-puppet.git diff --git a/modules/ssh/templates/authorized_keys.erb b/modules/ssh/templates/authorized_keys.erb index a955b6b0..a37c0c68 100644 --- a/modules/ssh/templates/authorized_keys.erb +++ b/modules/ssh/templates/authorized_keys.erb @@ -1,3 +1,8 @@ +<% + allnodeinfo = scope.lookupvar('site::allnodeinfo') + roles = scope.lookupvar('site::roles') +%> + # local admin <%= hosterkeys = case scope.lookupvar('site::nodeinfo')['hoster']['name'] when "ubcece" then @@ -6,22 +11,14 @@ hosterkeys %> <%= localkeys = case fqdn - when "argento.debian.org" then "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA5q3myoIMyqv6HhAR4lxaO7OXLRkKqUlEHeCudksc7ZAVSqJAQ3ODn8zAoY34duvRUOq7xpGcl8gXWujCtcUWDZCxNsxz+iWI/3oEaZly/ZTJXtoYUjmUodV7PJ8DbokiJGUIc1s3MiGa9QYam0D28TT8jWCJFcthC7VS61GBgT8= /Users/manon/.ssh/id_rsa - Manon Goo Local Admin" - when "mahler.debian.org" then "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1bAZGQUdVBdX5N8985OG25yYO6wybV0HmL0jeyun8qOmyi15RlkP8XiWXkvBLE98Nh9Ji2UgMZog7geT65zf+bE2crxu9LmAIbNiMgh+Yk6JFCy8ZFiKmCngHLlkWlD3Z4YTYdSxiETXkE4EB1arXi3wt9h7Iq/h7ZmpVL3njaqPGhdZmo9r+c8eZnwD77VIk+pcCB5Yqh3Nu/RaNAMr9hrHfvd62NnYRG3vcdj9aQo3Cshh8tTqzw10B8lCUKrHSbtL8aFzUrZqFilcNWs36mGVnzcLya/TM1uID9z41O47ZDOfZvLkSmGPb44Jwcdt1DK8r60OBdGoHBOa337N7w== noahm@crystalline-entity" - when "pergolesi.debian.org" then "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA71vh3lytStDCr6df5u2tyzk45L7i8QoNysP51+ga6+v8kwMva30zw5fUD6BHYwNfwo1UZzUtsGLE5HTxKuBlfXs+myWjqpjbF3xSpPjbxKZYiLKMpJ5CVC0Mp6f2kSQ5sSC6Ue/etlAqs9D4rgbexo00QlOtBVof+Zolr3SyR6Y/Coo4UCHeFIAf8KQmhKhYEfPsIgsm+IsnpHglqZ8krOm60Fzo/K5xwb2raoVyg73cvBpaST3VGqqlT2+iTKLHUTaWSOvIj99KV6mYBdD4V8CCs3FWrKfM7wlXwBm/LVmr406Ho0QUo1zHZckvUITHtFQW0QwHpaR717fWB5lBz0d9VlQMz2JR7WfzX+iJqTAnVljjFYJIIHBQR8Xr0Z2rkSEjpi1Ar4iPQbYswMMnBQSGhITMPysHqZb75WYg17cubUbDwpiKPCdmDc5/iNoRFOLOW7vwcBISynUweRDDgeZI7sSFydEnIVK+hrLLmI/XZe4ekhZZXQYCc/tllc9kt2qpU8EWlFs0zSnUD/Lj0WOcgiSOJ3pzQWBBN2EHpM2FfdFa+qUhReSbIrWDgqLe9pkJ2emHFDRhBT4r2f85dw9BSUSVpxpA69fYCyZprJUs214Cq+nTZCSzKFfvflJR7VdCmEu0d5Wavf740OQ4gVipQHqydQVW5m4tYDQHR/s= hb@freenet-rz.de aka holger.baust@freenet-ag.de" when "pettersson.debian.org" then "from=\"nixon.acc.umu.se\" ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwDw56/XK0/uQB+ZIOZIfZ3vpz9zLRuv6G0U4eU4VavqvaL0dXSNhGJLBDLlfpxtJYwYf/mSoK4WZasbbfHxz8jtIxK9c9aGkVA0GKT+xiHWB3J1SlwJaA7S7Ed8nNcG5PNOVd30BD5LimkS53Nz841e+MgZRuL9SfLALq7er03U= root@nixon" - when "rem.debian.org" then "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEAnHlDow0vUPDbi6OXKAkIV2zFi3xcDQAPLLmWJRY25HKvTLxkHlmXZH6CHrgx5deX4EogK6xWOvjUHdi/RD/BRU9DKFt6mepfGQvJQNeHK44S/yDrmPPWJq/bsCVu1ulOiLxGD4I2ei/4cDhWE5WypRC5Mn9+NOmNZp2kk9IL0UQChOQCXsPsVsch4wsuHns135TSzhH68X2iJK6GkqBeTvMs5DFqf2IbB4iLKASTxQITP1O3HYF4I5hVW9RGQD6i61TPAFKHkeruaMR0c4H7+f+jur9uo3URSTAidylspCST0/qg5xpDAcwDcfLItAtBuILQHyA6NSpBKEWA3zFzemJTDB3E/QEMMRInKJZFIhi08gtnETNxERG1+onss62lVCVn21SMYJQqHNW7GYmVqUlZLUKKUmTaualx0MHO8ODVJg2xzk/X0LWeE/0Nht/cg/DuqqA5DtSqXsw22kNAd+bTMnn0i+gahyCeLVswAhBVKjuLtU9SQXA4GsTxAvDd8rPRtusDI146fvPwgJCXMLStnZvs/22oXVdmMwwWbo5u5qUBqX51AjGI2i3b+JYQJrtBRnR0iNJV1VDiuRhsy48C4wUNRGX+DM78fldpKin5XMsSyEludyh9R7vFFtZMQFCqJelxfgDP5pU+jrxhFKY9rVcHTT0BqgWmpwPHkPs= rmurray@cyberhq -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAt3g97cGfOA9DnAKF6h8RlFDppPtyKfjlyvG4f+gTTYAkJVxeC8aCab4rSlhxNKho6r7OoZRj408J0/rr0INtbA4FnepQBZlvWwrV3vZRafVMq6rwXF3hh22d8iDv+g2HTDiGIlgANwaRlQP56gM9C8sF7gGw4PyaU7qG8+AAn3U= flo@paradigm -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwbRijHuvIC6cZUZwUfqLT5t/4GRvqiBBmYXkRRhwMajTOBeaR6vRx9mZ+UdTAUKno8LuMNvFoovvwXBqqwH7yMa/SHgpA0wXl+bcYUbtoRbOVQEXwX/70Yoo0HLMGwoeuddjUICYZQomLYYLlkrWt1in9g4AGzqtmyCcDrxaneGYOvwJIm4sBhhJfns3j8AK7wIAaOA5fU9azR6JofX8g7QhqVrTlww0yOTlHsqheGUnLVzqPTzcJTPLDWKs9DOZT8a+IOc1R5TS2k07IFZk4TjCodW+iLCKHdudqpS8MKOY9EtfDaANl7JeCNa0NUZRVeXX9H4jtPIJ5/naa6m1XQ== Florian.Lohoff(flo,mW-N,RSA,2048)" - when "tartini.debian.org" then "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEAmXjNW2OoDl7mwAyzHHNMMfuGGor6Vgr2LiKdlVmRCk6EeqrYrRY4ZYsJ2c0nBNzvzgxLO/deau/LBYdpNIO5341GvSWWIA+2khXY+Fzb35UGt4J5eZWOLYsJmplM3xm9lde404WOgqqu0ywsXJMxYmQtqzUjI/tFA5zyE2baPpMjnYyfmxPPOXdv7L6uK5qaWGZFBp8iVJxYwvUTADstAz077kiBpaZoEG1jr8kEzwd2so9cNDGq4wmjF2xv3M2i/rmSLgoLGeI6GtgTL3BU39CXFXa9y5sMRf4opxSzV2JwGtXbhmtqkHZAXufMndRmEy9IyOkFsJvUJoUe0n+Hhwo/JGiXC2vBGA0ueeMXtUgjYs11cprd6rVI8+WZMND9YOdwS71aWXiX5zN36F3JdaND4yblLpATprHp6/npYCSI5IC/42m4AbWu6aj85SC9Bnegb+FkLCUIcXQ/STPr9ptaaRCNBucbSAovJ84k6Ny2qwUfSYT3zWkL6hl5JnIv9y4HbfFHAD2e4dCXidb8H3/X8H/giwPvtOLwiHf8r+Kxya6JuYzo/ZoGhQhP2MnfyxapoqG+kixU0pPaPN39trraTOzZNXIPOxyyuGhu77x4oh4uNBqnpr2aR1xi+/qvSK0f/BO0AyHLRZXtTbn9Bjr588Vb/Cx9t0aKGJCSPoE= jeroen@eee.wolffelaar.nl 2008-05-14" end localkeys %> <%= ganetikeys = [] - allnodeinfo = scope.lookupvar('site::allnodeinfo') if scope.lookupvar('::cluster').to_s != 'undefined' - scope.lookupvar('::cluster_nodes').to_s.split.sort.each do |node| + scope.lookupvar('::cluster_nodes').split.sort.each do |node| if allnodeinfo.has_key?(node) ganetikeys << "# for ganeti cluster #{scope.lookupvar('::cluster').to_s}: #{allnodeinfo[node]['hostname'][0]}" ganetikeys << "from=\"#{allnodeinfo[node]['ipHostNumber'].join(',')}\" #{allnodeinfo[node]['sshRSAHostKey'][0]}" @@ -42,19 +39,25 @@ ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1zy2/qSBpYaOKYVEnDI+KEiQlPiKsTv96zJeNdu7xLY1 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAuWUv0xRqmnrYX/7b80HIAY9s80Qp4QRFH3DXEkuyDeprJC+GdJs2S/fwhWI9eZDF8NN03SLoOg9q7lXoy2Ts6tda8zfqIf/IBnvcqbsoCtbmrOTvwHj5fVFh0fw72KSc8b+Bccs+1aLXUqP2eSKXB9jpR+apUd7DQ0i6si2/fwrQvqXZ71NeRkcSXIuED9PCA2298DKob1tCAXP1XSIswxxgHdGZgVHYhNt33XSM7zksTbMjr7NBZkJOcgk3dLOVz2RSo38+Curv8nPVoD4uIsE551GXnNTPZiMosvDY3Cy3gTwBhpXFxtkRDr0jMQpYj+ahQ3F+MFJr+0S89QeHfQ== Martin Zobel-Helas - debian adm key (2010-01-04) # weasel ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEAqtZYwCwuLP2KZOfqdRyKbexfhcfEiwY7en7aYmY7eUxa396Nzhxv1KOl2xpatD40/TPHtU+GUMxa0PLM7Tn5j2HxZ5S/bjp2l881EWJlYUzZjL95e/PBhPM2r6/VvLTHI7dFI+2s2/LDIuRn3dKsIxFncRzZRjPrpks14wpII4UpVTwQSrBMwkweq0anUiUtw/y7s33fSQJKYu7gXkmkm7mtuF8PJnvI6j482pu34GxWGjjSs9f7ZAm2+mXviVedAsrN3E4MgK14Z6+lOIxfgWmZ2gz33u2nbJ5TCTGJYyxbkaYXXLKo8JW2GtcCZchmhw4kUzo0rfRIXI80e4FEeh3Tj2X0518xp7m/SvKa2nE/dcye2a77ruJZJ0tzHqUmXZSMT5ZdOqgIxeqLGksNFK1mPUbMsfkxbCANVLp17CIeqUtiMYfOjzCuKc3GdYe8Mp47dQx824hnfEldJw9dWH8d+ELO64UsQnEIleQt+d2ASdFK0Vc2SmG7gxcFa2OU9V8TAWx/HKhBhW5KkMKUagATYLgbqzMRfgqslJFDJxB8fQ++Xlodq20MTt2TM9L89ilKyzmG/tNawR71l8+U/sxJS6/sVVXCzHLlMEyVnYRZMBeNwiW2ZBjM+mTv300vUS7+iNUOaZasPOMJqV3d4ImgRUMcOmExMDAnHCRGS10= Peter Palfrader - debian adm key (2008-05-11) +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDR9rh9AuBKt7yEAgtpvTPTl/SJWi2nAe5h5cnhTpWwPQU0VwxpJZlHWDBxldcrqUCZsycpa5e82ABLeZF9n5Sf54PbSRjCMo515/8hOkkGe6EFchI0HL+pVrSDEyVm0ymHFOj7MQn2uC3mQfOzv+v89zK1KR2355cUVjCx6JMuzwn0cQR4bTZ0YA7JSxkDuLgKooIBzck02M6yrJEEZbrk4q+qv6Enls3kwBbPY5KDVmo3apjbBlZMWd4aZtjhL0xT8VqsVhTRZrTg8DrAbW2dmE+fV7x9TeNSh30WYWzx/AdYerMtA4SrnTc2Bhntvngu98w++IILckG1zEsSP6Mr Peter Palfrader (authentication key) - A091F0BBB2A1CD5E (20140504) # sgran ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEAuGJnElqbhgLtmJp/de8s42cAwKrkAhFq5u8EAkauEv6BZNqvY/6aRBxCNU55e5JZKa7D1qKMG0upZFCOl5K36uv0KXlCvIMgaQqQcce41dtNRmiyHpw3LXqdV2qJNpJAXMpsEN4F/STkftTOcFhI9nhz88IIwsboCErla1W8NxxRkBU0FxpT4Zn1wBlq30o12gtBFs3lO+nE7+k8H8I791V+3kjVAXCDh5Ep8BY4Bg8eSuhwUgmiNvWf6E6/D0s9pFJdAMFKFLPivsnc13nfgYDmxZQKrkVV8LqIGaisy7Q3LdQLKBraWYmfQ5idkaPK+EUSERdusG7pB0wzp1ieA1iEkgMRFFLBx22tQmEdmu+Wo3vM77FmNYWvvPKDwKYn1uwg0Kgf1JTWlFwq5C73EG3Q6Vb6ExNPaX/GMDkpi0Km5p2/BIM/jyCmCH+ScFRCtzJoxEg3L7BFdCKgY1bQW2pZDMRQ9nc32+EDUGQQbYp44/8mr4mXqDYV4VElZTqWZ6hJZk1cS7hustO8lJE3Yykp+q/5I0cq7fxe5aLBO5DwTPq9EY/dlcTy8z09Itm/AcJuCipg4I0nQ1cSDTNYn+4NVxoga/yS3gJlU5euXKmcaK9SaRCBIHtWR/Semza3Imvgtgd25bwKI+6VT/fHgqgmvo184NZID099w2E90eE= sgran's root key for debian.org machines -<%= machine_keys = case fqdn - when "beethoven.debian.org" then - out = '' - scope.lookupvar('site::allnodeinfo').keys.sort.each do |node| - out += '# ' + scope.lookupvar('site::allnodeinfo')[node]['hostname'][0] + ' -command="/usr/lib/da-backup/da-backup-ssh-wrap ' + scope.lookupvar('site::allnodeinfo')[node]['hostname'][0] + '",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from="' + scope.lookupvar('site::allnodeinfo')[node]['ipHostNumber'].join(',') + '" ' + scope.lookupvar('site::allnodeinfo')[node]['sshRSAHostKey'][0] + ' +<%= -' - end - out - end -machine_keys +machine_keys = [] +case fqdn + when "backuphost.debian.org" then + roles['dabackup_client'].each do |node| + if allnodeinfo.has_key?(node) + hostname = allnodeinfo[node]['hostname'][0] + + machine_keys << "# #{hostname}" + machine_keys << "command=\"/usr/lib/da-backup/da-backup-ssh-wrap #{hostname}\",from=\"#{allnodeinfo[node]['ipHostNumber'].join(',')}\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-user-rc #{allnodeinfo[node]['sshRSAHostKey'][0]}" + else + machine_keys << "# host #{node} not found in allnodeinfo" + end + end +end +machine_keys.join("\n") %>