# NOTE: this listing is Puppet DSL, not Perl.
#
# Base names of the public-key files to authorize. The auth::key define
# shown on this page resolves each name to "<name>.pub" in its key directory
# on the Puppet master.
$dhg_user_keys = [ 'joe', 'bob' ]

# Authorize every key listed above for SSH login as the "idc" account.
# Anyone holding one of the matching private keys can log in as that user,
# so this list is the access-control list for the account.
auth::key { "add dhg_user_keys to IDC user for remote mgmt":
    ensure     => present,
    destuser   => 'idc',
    sourcekeys => $dhg_user_keys,
}
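# Install a set of SSH public keys into a local user's authorized_keys file.
#
# Parameters:
#   $ensure     - only 'present' (the default) is implemented; any other
#                 value is logged as an error and changes nothing.
#   $destuser   - local account that receives the keys. Its home directory
#                 is taken to be /home/$destuser.
#   $sourcekeys - key base name(s); each is read from
#                 /etc/puppet/files/idcadmin/auth/keys/<name>.pub.
#
# NOTE(review): each key name becomes the title of a multiline resource, so
# authorizing the same key for two different users through this define
# would declare the same title twice. Confirm against the callers.
define key ($ensure = 'present', $destuser, $sourcekeys) {
    file {
        "/home/$destuser":
            ensure => directory,
            owner  => $destuser;
        # Modes are quoted, zero-prefixed strings so they are read as octal
        # permissions and never as bare numbers.
        "/home/$destuser/.ssh":
            ensure  => directory,
            owner   => $destuser,
            mode    => '0700',
            require => File["/home/$destuser"];
        # 0600 instead of 644: sshd(8) recommends that authorized_keys be
        # read/write for the owner and not accessible by others.
        "/home/$destuser/.ssh/authorized_keys":
            ensure  => present,
            owner   => $destuser,
            mode    => '0600',
            require => File["/home/$destuser/.ssh"],
    }

    case $ensure {
        present: {
            multiline {
                [ $sourcekeys ]:
                    linedir   => "/etc/puppet/files/idcadmin/auth/keys/",
                    extension => ".pub",
                    ensure    => present,
                    require   => File["/home/$destuser/.ssh/authorized_keys"],
                    file      => "/home/$destuser/.ssh/authorized_keys";
            }
        }
        # Key removal is not implemented here. Say so in the log rather than
        # silently leaving access in place when a caller asks for 'absent'.
        default: {
            err ( "unsupported ensure value '${ensure}': authorized_keys of ${destuser} left unchanged" )
        }
    }
}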
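# Ensure that one line, read from a file on the Puppet master, is present in
# (or absent from) a target file on the node.
#
# Parameters:
#   $name      - base name of the source file (the resource title).
#   $file      - target file on the node.
#   $linedir   - directory on the master that holds the source file.
#   $ensure    - 'present' (default) appends the line if it is missing,
#                'absent' removes exact matches, anything else logs an error.
#   $extension - suffix appended to $name to form the source file name.
#
# The source file is expected to hold exactly one line.
#
# Security: the line is file content, not manifest text, so it must never be
# pasted into a shell or Perl command string. A quote character, "$" or "@"
# in the content (for example in a key comment) would otherwise change the
# command that runs on every managed node. The content is handed to the
# commands through the exec environment instead.
#
# NOTE(review): $file and $name are still interpolated into paths and
# command strings; they are assumed to come from trusted manifests only.
# NOTE(review): the commands rely on the exec provider running them through
# a shell, as the original ">>" redirection already did.
define multiline( $file, $linedir, $ensure = 'present', $extension = '') {
    # file() is evaluated on the master. Strip any trailing line ending so
    # the exact-match checks below compare against the bare line.
    $raw  = file("${linedir}/${name}${extension}")
    $line = regsubst($raw, '[\r\n]+\z', '')

    case $ensure {
        default : { err ( "unknown ensure value '${ensure}'" ) }
        present: {
            exec { "echo ${linedir}/$name to ${file}":
                environment => "MULTILINE_LINE=${line}",
                command     => "printf '%s\n' \"\$MULTILINE_LINE\" >> '${file}'",
                unless      => "grep -qFx -e \"\$MULTILINE_LINE\" '${file}'",
            }
        }
        absent: {
            exec { "remove the ${line} from ${file}":
                environment => "MULTILINE_LINE=${line}",
                # Perl reads the line from %ENV, so its content is compared
                # as data and is never parsed as Perl source.
                command     => "perl -ni -e 'print if \$_ ne \"\$ENV{MULTILINE_LINE}\n\";' '${file}'",
                onlyif      => "grep -qFx -e \"\$MULTILINE_LINE\" '${file}'",
            }
        }
    }
}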