authorJoey Hess2014-04-12 21:34:25 -0400
committerJoey Hess2014-04-12 21:34:25 -0400
commit6075fc636dfd9d8c946ed11a58ffa7059dd560d0 (patch)
treeba98715faf1752269da6b1d8ccfb04d6178268b1 /Propellor/Property/Ssh.hs
parent39ea83ea2416cf67d3f837cc564472ffbef136f2 (diff)
propellor spin
Diffstat (limited to 'Propellor/Property/Ssh.hs')
-rw-r--r--Propellor/Property/Ssh.hs27
1 files changed, 26 insertions, 1 deletions
diff --git a/Propellor/Property/Ssh.hs b/Propellor/Property/Ssh.hs
index 59845f8f..42809359 100644
--- a/Propellor/Property/Ssh.hs
+++ b/Propellor/Property/Ssh.hs
@@ -4,13 +4,17 @@ module Propellor.Property.Ssh (
passwordAuthentication,
hasAuthorizedKeys,
restartSshd,
- uniqueHostKeys
+ uniqueHostKeys,
+ keyImported
) where
import Propellor
import qualified Propellor.Property.File as File
import Propellor.Property.User
import Utility.SafeCommand
+import Utility.FileMode
+
+import System.PosixCompat
sshBool :: Bool -> String
sshBool True = "yes"
@@ -60,3 +64,24 @@ uniqueHostKeys = flagFile prop "/etc/ssh/.unique_host_keys"
ensureProperty $
cmdProperty "/var/lib/dpkg/info/openssh-server.postinst"
["configure"]
+
+-- | Sets up a user with a ssh private key from the site's privdata.
+--
+-- The ssh public key (.pub) is not installed. Ssh does not use it.
+keyImported :: SshKeyType -> UserName -> Property
+keyImported keytype user = Property desc install
+ where
+ desc = user ++ " has ssh key"
+ install = do
+ f <- liftIO keyfile
+ ifM (liftIO $ doesFileExist f)
+ ( noChange
+ , withPrivData (SshKey keytype user) $ \key -> makeChange $
+ writeFileProtected f key
+ )
+ keyfile = do
+ home <- homeDirectory <$> getUserEntryForName user
+ return $ home </> ".ssh" </> "id_" ++
+ case keytype of
+ SshRsa -> "rsa"
+ SshDsa -> "dsa"
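Review bot: In `install`, the private key is written by `writeFileProtected f key` with no step that creates `~/.ssh` or hands the file over to `user`. If propellor runs as root (not shown in this hunk), the key is presumably left root-owned and unreadable by the account it is meant for, and the write fails outright when the directory does not exist yet. Consider running `createDirectoryIfMissing True (takeDirectory f)` before the write, then changing the owner of both the directory and the key file to `user`, with the directory kept at mode 0700. Separately, the `doesFileExist f` guard means a key rotated in privdata never replaces the one already on disk, so a revoked or compromised key stays deployed. The haddock should say this, e.g. `-- An existing key file is never overwritten; remove it to deploy a rotated key.`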