From 5c238454bf1dc71195fddac8eaaf83d89da4930b Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Thu, 20 Aug 2015 09:15:26 +0200
Subject: [PATCH] create portforwarder key

---
 modules/portforwarder/manifests/init.pp | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/modules/portforwarder/manifests/init.pp b/modules/portforwarder/manifests/init.pp
index 2cc45824..e7009b22 100644
--- a/modules/portforwarder/manifests/init.pp
+++ b/modules/portforwarder/manifests/init.pp
@@ -1,6 +1,14 @@
 class portforwarder {
 	# do not depend on xinetd, yet.  it might uninstall other inetds
 	# for now this will have to be done manually
+
+	if ! $::portforwarder_key {
+		exec { 'create-portforwarder-key':
+			command => '/bin/su - portforwarder -c \'mkdir -p -m 02700 .ssh && ssh-keygen -C "`whoami`@`hostname` (`date +%Y-%m-%d`)" -P "" -f .ssh/id_rsa -q\'',
+			onlyif  => '/usr/bin/getent passwd portforwarder > /dev/null && ! [ -e /home/portforwarder/.ssh/id_rsa ]'
+		}
+	}
+
 	file { '/etc/ssh/userkeys/portforwarder':
 		content => template('portforwarder/authorized_keys.erb'),
 	}
-- 
2.39.2