New native ssh_authorized_key type

2 files changed, 97 insertions, 0 deletions

diff --git a/lib/puppet/provider/ssh_authorized_key/parsed.rb b/lib/puppet/provider/ssh_authorized_key/parsed.rb
new file mode 100644
index 000000000..228bbc6fc
--- /dev/null
+++ b/lib/puppet/provider/ssh_authorized_key/parsed.rb
@@ -0,0 +1,50 @@
+require 'puppet/provider/parsedfile'
+
+Puppet::Type.type(:ssh_authorized_key).provide(:parsed,
+    :parent => Puppet::Provider::ParsedFile,
+    :filetype => :flat,
+    # Ugly but the parameter is required
+    :default_target => '/proc/NONEXISTANT'
+) do
+    desc "Parse and generate authorized_keys files for SSH."
+
+    text_line :comment, :match => /^#/
+    text_line :blank, :match => /^\s+/
+
+    record_line :parsed,
+        :fields   => %w{options type key name},
+        :optional => %w{options},
+        :rts => /^\s+/,
+        :match    => /^(?:([^ ]+) )?(ssh-dss|ssh-rsa) ([^ ]+)(?: (.+))?$/,
+        :post_parse => proc { |record|
+            if record[:options].nil?
+                record[:options] = [:absent]
+            else
+                record[:options] = record[:options].split(',')
+            end
+        },
+        :pre_gen => proc { |record|
+            if record[:options].include?(:absent)
+                record[:options] = ""
+            else
+                record[:options] = record[:options].join(',')
+            end
+        }
+
+    def prefetch
+        if not @resource.should(:target)
+            #
+            # Set default target when user is given
+            if val = @resource.should(:user)
+                target =  File.expand_path("~%s/.ssh/authorized_keys" % val)
+                Puppet::debug("Setting target to %s" % target)
+                @resource[:target] = target
+            else
+                raise Puppet::Error, "Missing attribute 'user' or 'target'"
+            end
+        end
+
+        super
+    end
+end
+
diff --git a/lib/puppet/type/ssh_authorized_key.rb b/lib/puppet/type/ssh_authorized_key.rb
new file mode 100644
index 000000000..97521ccab
--- /dev/null
+++ b/lib/puppet/type/ssh_authorized_key.rb
@@ -0,0 +1,47 @@
+module Puppet
+    newtype(:ssh_authorized_key) do
+        @doc = "Manages ssh authorized keys."
+
+        ensurable
+
+        newparam(:name) do
+            desc "The ssh key comment."
+
+            isnamevar
+        end
+
+        newproperty(:type) do
+            desc "The encryption type used.  Probably ssh-dss or ssh-rsa for
+                  ssh version 2. Not used for ssh version 1."
+
+            newvalue("ssh-dss")
+            newvalue("ssh-rsa")
+            newvalue("none")
+
+            aliasvalue(:dsa, "ssh-dss")
+            aliasvalue(:rsa, "ssh-rsa")
+
+            defaultto "none"
+        end
+
+        newproperty(:key) do
+            desc "The key itself; generally a long string of hex digits."
+        end
+
+        newproperty(:user) do
+            desc "The user account in which the ssh key should be installed."
+        end
+
+        newproperty(:target) do
+            desc "The file in which to store the ssh key."
+        end
+
+        newproperty(:options, :array_matching => :all) do
+            desc "Key options, see sshd(8) for possible values. Multiple values
+              should be specified as an array."
+
+            defaultto do :absent end
+        end
+    end
+end
+