I am trying to use puppet to bootstrap a new VPS. I am going to be running multiple sites, and, at the moment I am planning on running them in separate user accounts. I want to have a common authorized key for all of these users. I am using puppet 4.10.
The issue I'm having is that I want to add my ssh key
into the authorized_keys for all of these users, but I can't seem to work out how to have a common resource. I've tried adding it in a class and then including that, but it's a duplicate. I tried passing in a variable to the class, but again, duplicate.
Basically I have a module like this
class wibble_somesite {
user { 'someuser':
ensure => 'present',
managehome => true,
purge_ssh_keys => true,
home => '/home/someuser',
shell => '/bin/bash'
}
ssh_authorized_key { 'patrickmacbookair':
ensure => present,
user => 'someuser',
type => 'ssh-rsa',
key => 'some_shared_key'
}
}
which I then include in my manifests/site.pp
. However, I want to have multiples of these class wibble_someothersite
and I want to centrally manage the some_shared_key
inside the ssh_authorized_key
stanza.
Any help would be appreciated. I have tried following the docs but I just haven't got anywhere.
I could just duplicate all the ssh_authorized_key
calls, but that's obviously horrible.
You cannot have multiple instances of a class. However, you can with defined types.
Your example can be :
define wibble_somesite () {
user { $title:
ensure => 'present',
managehome => true,
purge_ssh_keys => true,
home => "/home/${title}",
shell => '/bin/bash'
}
ssh_authorized_key { "${title}_patrickmacbookair":
ensure => present,
user => $title,
type => 'ssh-rsa',
key => 'some_shared_key'
}
}
And you can use it like this :
wibble_somesite{'patrick':}
wibble_somesite{'bob':}
It will create users 'patrick' and 'bob', and allow the shared key to connect.
Is this what you are are looking for ?