## output

Apr 28 13:21:32 monitor1 puppetmasterd[12401]: HUZZAH
Apr 28 13:21:32 monitor1 puppetmasterd[12401]: log2universe
Apr 28 13:21:32 monitor1 puppetmasterd[12401]: universe
Apr 28 13:21:32 monitor1 puppetmasterd[12401]: MATCHED


## func

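# Puppet parser function (rvalue): tells a manifest whether the node whose
# catalog is being compiled appears in a list of host names.
#
# Argument (optional): the host list, either an array or a single string.
# When it is omitted the function reads the 'fromhosts' variable from the
# calling scope.
#
# Returns the string "true" on an exact match and "false" otherwise, so a
# manifest can test the result with == "true".
module Puppet::Parser::Functions
  newfunction(:currhost_containedin, :type => :rvalue) do |args|
    # Prefer the list handed in by the caller; fall back to the scope
    # variable when no argument was given.
    candidates = args ? args[0] : nil
    candidates = lookupvar('fromhosts') if candidates.nil?
    hostname = lookupvar('hostname')

    # Debugging traces, messages unchanged.
    Puppet.notice("HUZZAH")
    Puppet.notice("#{candidates}")
    Puppet.notice("#{hostname}")

    # Wrap and flatten so that a lone string is compared as one whole name.
    # include? on a String is a substring test: a host named "log" would
    # match a list that had been flattened to "log2universe".
    allowed = [candidates].flatten.compact.map { |host| host.to_s }
    current = hostname.to_s

    # An empty host name never matches, so a missing value fails closed.
    # NOTE(review): 'hostname' is presumably the agent-reported fact, which
    # the node supplies itself. If the result gates anything sensitive,
    # confirm whether a certificate-verified node name is available to
    # compare against instead.
    matched = !current.empty? && allowed.include?(current)

    Puppet.notice(matched ? "MATCHED" : "NOMATCH")

    # The if/else used to be the last expression, so the function handed back
    # whatever Puppet.notice returned rather than the outcome of the check.
    matched ? "true" : "false"
  end
end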


## manifest

class ssh_keys {
# User keys: virtual declaration of the "storage" account's key pair.
# The leading @ means nothing is managed until the resource is realized.
@ssh_userkeys { "storage":
  dotsshpath  => "/home/storage/.ssh",
  privkeyname => "id_rsa",
  fromhosts   => ["log2", "universe"];
}

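# Manages SSH key material for the account named by the resource title.
#
# Parameters:
#   $dotsshpath  - the account's .ssh directory; authorized_keys and the
#                  private key are placed inside it.
#   $privkeyname - file name of the private key. The key pair is read from
#                  /etc/puppet/files/usersshkeys/ as "${name}_${privkeyname}"
#                  and "${name}_${privkeyname}.pub".
#   $type        - "rsa" selects ssh-rsa; any other value selects ssh-dss.
#   $fromhosts   - hosts that should also receive the private key.
#
# The public key is always added to authorized_keys. The private key is
# written only when currhost_containedin() returns the string "true".
define ssh_userkeys( $dotsshpath, $privkeyname, $type = "rsa", $fromhosts ){
  # file() runs where the catalog is compiled, so both key files are read on
  # the master for every node that uses this define.
  $pubkey_contents  = file("/etc/puppet/files/usersshkeys/${name}_${privkeyname}.pub")
  $privkey_contents = file("/etc/puppet/files/usersshkeys/${name}_${privkeyname}")
  $authkeysfile     = "${dotsshpath}/authorized_keys"

  # Public key
  # NOTE(review): the 'key' attribute expects only the base64 blob, while a
  # .pub file written by ssh-keygen also carries the key type and a comment.
  # Confirm that the stored .pub files hold the blob alone.
  ssh_authorized_key {
    "${name} (${authkeysfile})":
      ensure  => "present",
      user    => $name,
      target  => $authkeysfile,
      # "ssh-dss" is the DSA key type name; "ssh-dsa" is not a valid value.
      type    => $type ? { rsa => "ssh-rsa", default => "ssh-dss" },
      key     => chomp($pubkey_contents),
      require => File[$dotsshpath,$authkeysfile];
  }

  # Private key
  # The comparison is against the string "true", so the function has to
  # return exactly that string for the key to be deployed.
  $copypriv = currhost_containedin($fromhosts)
  if $copypriv == "true" {
    # The private key travels inside the catalog as this file's content.
    # Treat cached catalogs and any logged file diffs on the receiving node
    # as sensitive.
    file { "privkey_${name}_${privkeyname}":
      ensure  => "file",
      path    => "${dotsshpath}/${privkeyname}",
      owner   => $name,
      group   => $name,
      mode    => "0600",
      content => $privkey_contents;
    }
  }
}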