ghoneycutt / puppet-module-ssh

Puppet module to manage SSH

no longer gathers ssh keys? #412

Closed by Wildcarde 11 months ago

Wildcarde commented 1 year ago

I'm working on some updates to add support for Ubuntu 22 to my local setup, and one of those issues is updating this package. However, it appears this module's 4.0/4.1 variant wipes out the ssh_authorized_key file now because it no longer includes a gather command like 3.62 did here: https://github.com/ghoneycutt/puppet-module-ssh/blob/v3.62.0/manifests/init.pp#L1214

ghoneycutt commented 11 months ago

This was by design as it required PuppetDB. Using collections like this is better served in a profile.

Wildcarde commented 11 months ago

To clarify, you are suggesting making a module / profile that just has the related code in it to handle that instead, since it's a separate dependency chain from the main code? Basically just something that includes:


```puppet
## export ssh-rsa key to puppetdb
@@sshkey { $::fqdn :
  ensure => 'present',
  type   => 'ssh-rsa',
  key    => $::sshrsakey,
}

if $manage_global_known_hosts == true {
  file { 'global_known_hosts':
    ensure  => file,
    path    => $global_known_hosts_path,
    owner   => $global_known_hosts_owner,
    group   => $global_known_hosts_group,
    mode    => $global_known_hosts_mode,
    require => 'File[ssh_config]',
  }
}

## distribute system public keys to all nodes
Sshkey <<||>> {
  target => $global_known_hosts_path,
}
```

We don't use a profiles structure but an entity-component structure so I'll probably just make a common layer module to handle that code.