Ask Your Question
1

How can I create ssh_authorized_keys from hiera hash with create_resources for multiple users?

asked 2013-06-05 05:23:15 -0500

MookiE gravatar image

updated 2013-06-05 08:16:12 -0500

Hi,

I have some ssh keys in stored in the a hiera yaml file:

---
ssh_keys:
  bob:
    key: 'cryptosshpublickey'
  jon:
    type: 'ssh-dss'
    key: 'anothercryptosshpublickey'

Now I want to create some ssh_authorized_key resources with create_resources in the manifest I use to create the users:

create_resources('ssh_authorized_key',hiera('ssh_keys'),{ user => $title })

But if I create more than one user I get this error:

Error: Duplicate declaration: Ssh_authorized_key[bob] is already declared on node <a href="http://debian-70rc1-x64-vbox4210-nocm.vagrantup.com">debian-70rc1-x64-vbox4210-nocm.vagrantup.com</a>

Can anyone please tell me a better way to do this or how I can perhaps add the username to ... (more)

edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted
1

answered 2013-06-05 07:52:22 -0500

llowder gravatar image

A couple of issues here.

First,

create_resources('ssh_authorized_key',hiera('ssh_keys'),{ user => $title })

will result in each ssh_authorized_key having the user set to the name of the class (possibly node def) of what calls it.

If you want to use this sort of syntax, you will need to use a wrapper defined type, such as:

define module::my_ssh_auth_keys(
  $name,
  $key,
  $ensure  = present,
  $type    = 'ssh-dss',
  $user    = $name,
  $options = []
){
  ssh_authorized_key{
    $name:
      ensure  => $ensure,
      name    => $name,
      type    => $type,
      user    => $user,
      options => $options,
}

Then in your node def, or a role or profile class, you can do like:

create_resources('module::my_ssh_auth_key',hiera('ssh_keys'))

I generally ... (more)

edit flag offensive delete link more

Comments

I wrote "with create_resources in the manifest I use to create the users". I have a defined resource which I call with user::system { 'username': } in the user/manifest/system ...(more)

MookiE gravatar imageMookiE ( 2013-06-05 08:15:58 -0500 )edit

Can you show the full code for this manifest? Your question doesn't state if this is a class or a define - if it is a class, you will have ...(more)

llowder gravatar imagellowder ( 2013-06-05 10:21:17 -0500 )edit
0

answered 2013-11-19 14:03:08 -0500

Thynan gravatar image

updated 2013-11-20 05:56:51 -0500

I think there's an error in llowders solution. In your "module::mysshauth_keys" defined type you forgot to add

 "key => $key"

Also I had to write my hiera yaml file like this:

mymodule::ssh_keys:
  bob:
    name: bob
    key: AAAAB3NzaC1....
    type: ssh-rsa

Without adding the name attribute, puppet complained, which is strange because i thought the top element (bob) would be the name by default.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

2 followers

Stats

Asked: 2013-06-05 05:23:15 -0500

Seen: 3,241 times

Last updated: Nov 20 '13