feat: manage ssh known hosts

- disable use of stored configs for ssh-known-hosts
- manage the /etc/ssh/ssh_known_hosts content
This commit is contained in:
2024-06-09 19:40:44 +10:00
parent 777fe1aef6
commit 52b06dcd8e
4 changed files with 21 additions and 0 deletions
+1
View File
@@ -33,6 +33,7 @@ class profiles::base (
include profiles::dns::base
include profiles::pki::vault
include profiles::ssh::sign
include profiles::ssh::knownhosts
include profiles::cloudinit::init
include profiles::metrics::default
include profiles::helpers::node_lookup
+12
View File
@@ -0,0 +1,12 @@
# manage known hosts
class profiles::ssh::knownhosts (
Array $lines = [],
) {
file {'/etc/ssh/ssh_known_hosts':
ensure => 'file',
owner => 'root',
group => 'root',
mode => '0644',
content => template('profiles/ssh/ssh_known_hosts.erb'),
}
}
@@ -0,0 +1,4 @@
# this file is managed by puppet
<% @lines.each do |line| -%>
<%= line %>
<% end -%>