| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
 | # Manage ssh config for a particular user
define ssh_config(
  $owner,
  $group,
  $home               = '/home/$owner',
  $ssh_localhost_auth = false
) {
  ssh_folder { "ssh-config-${name}":
    home  => $home,
    owner => $owner,
    group => $group,
  }
  file { "${home}/.ssh/config":
    ensure  => present,
    owner   => $owner,
    group   => $group,
    mode    => 0600,
    require => File["${home}/.ssh"],
  }
  # The NoHostAuthenticationForLocalhost ssh option might be useful
  # for automated deployment environments so your ikiwiki user doesn't
  # get stuck with the fingerprint confirmation prompt when pushing
  # content via ssh in the first time it runs.
  line { 'NoHostAuthenticationForLocalhost-${owner}':
    file   => "${home}/.ssh/config",
    line   => "NoHostAuthenticationForLocalhost yes",
    ensure => $ssh_localhost_auth ? {
      'auto'        => present,
      'fingerprint' => absent,
      default       => absent,
    },
  }
}
 |