puppet-prod/sshd_host_principals.rb at develop - puppet-prod - Gitea

unkin/puppet-prod

Ben Vincent b468f67103 feat: sign ssh host keys

- manage python script/venv to sign ssh host certificates
- add approle_id to puppetmaster eyaml files
- add class to sign ssh-rsa host keys
- add facts to check if the current principals match the desired principals

2024-06-01 22:51:42 +10:00

16 lines

303 B

Ruby

Raw Permalink Blame History

 # frozen_string_literal: true
 # lib/facter/sshd_host_principals.rb
 require 'puppet'
 Facter.add('sshd_host_principals') do
   setcode do
     principals_file = '/etc/ssh/host_principals'
     if File.exist?(principals_file)
       File.read(principals_file).split("\n")
     else
       []
     end
   end
 end