feat: sign ssh host keys

- manage python script/venv to sign ssh host certificates
- add approle_id to puppetmaster eyaml files
- add class to sign ssh-rsa host keys
- add facts to check if the current principals match the desired principals
This commit is contained in:
2024-05-26 14:57:34 +10:00
parent cc7165055d
commit b468f67103
11 changed files with 288 additions and 0 deletions
@@ -15,6 +15,7 @@ class profiles::puppet::puppetmaster (
include profiles::puppet::autosign
include profiles::puppet::gems
include profiles::helpers::certmanager
include profiles::helpers::sshsignhost
include profiles::puppet::server
include profiles::puppet::puppetca
include profiles::puppet::eyaml