hggh-sshkeymanager

Release 0.1.3

publish your SSH Public Key configuration from SSH Key Manager to your hosts with Puppet

Repository Puppet Puppet Download

License
GPL-2.0+
Install
puppet module install hggh-sshkeymanager --version 0.1.3

Documentation

sshkeymanager Build Status

publish your SSH Key Manager configuration to your hosts via Puppet.

you need the SSH Key Manager Django Webapp: https://github.com/hggh/sshkeymanager-django

Vagrant Box available: https://github.com/hggh/sshkeymanager-vagrant

Table of Contents

  1. Overview
  2. Requirements
  3. Usage - Configuration options and additional functionality
  4. Parameters
  5. Hiera configuration
  6. SSH configuration

Overview

Puppet module to publish your SSH Key Manager configuration for your hosts via Puppet. This module requires to use the SSH Key Manager Application (Django Webapp) and export the configuration to JSON format for Hiera.

Requirements

  • puppetlabs/stdlib
  • Hiera

Usage

deployment of ssh public keys

use the main class for deploy your ssh public keys to your hosts.

class { 'sshkeymanager':
}

export ssh public key configuration from webapp to the puppet master

on your puppet master server the keys should exported. This class installs the api client programm, the cronjob and the directories:

class { 'sshkeymanager::puppet':
  directory => '/etc/sshkeymanager-hiera',
  storepath => '/etc/sshkeymanager-hiera/{environment}/nodes/{fqdn}.json',
  apikey    => 'your-api-key-from-django',
  address   => 'http://localhost:8000/api/getkeys/',
}

install the django webapp with the puppet module

class { 'sshkeymanager::webapp':
  django_secret_key => '23fdDfsd§sf#fdff§$3Ddd',
  api_keys          => [ 'foobar', 'examplekey' ],
}

Parameters

class { 'sshkeymanager':
  directory => '/etc/sshkeymanager',
}

Per default the sshkeymanager class uses the directory /etc/sshkeymanager. You can change the directory to your needs.

Hiera configuration

You need to add the json backend to your Hiera configuration:

---
:backends:
   - json
   - yaml
:hierarchy:
  - "nodes/%{clientcert}"
  - "%{environment}"
  - common
:json:
  :datadir: '/etc/sshkeymanager-hiera/%{environment}'

SSH configuration

You need to edit on all servers that uses the sshkeymanager class the SSHd configration to point to the directory there all keys are saved:

AuthorizedKeysFile /etc/sshkeymanager/%u

To allow also user key in there own homedirectory you need to setup this:

AuthorizedKeysFile /etc/sshkeymanager/%u .ssh/authorized_keys

Using the SSH module(https://forge.puppetlabs.com/saz/ssh) from Puppet Forge it looks like:

class { 'ssh::server':
  options => {
    'AuthorizedKeysFile' => '/etc/sshkeymanager/%u',
  }
}

Stats

Dependencies
1
Dependent packages
0
Dependent repositories
0
Total releases
4
Latest release
First release
Stars
0
Forks
0
Watchers
1
Contributors
1
Repository size
250 KB
SourceRank
0

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.1.3
0.1.2
0.1.1
0.1.0

Contributors

Jonas Genannt


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2017-09-12 20:34:38 UTC

Login to resync this project