authorJoey Hess2015-01-04 15:55:53 -0400
committerJoey Hess2015-01-04 15:57:27 -0400
commitf1a1d0001a4c9bbfb0d658131314d014d7deb5c8 (patch)
tree8cd399eac9bc557c4d8e9fb9ba7970440fcdfdd3 /src
parent52664e622084b2986bc123f9725a0243a6794ace (diff)
sshPubKey is renamed to Ssh.pubKey, and has an added SshKeyType parameter.
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/PrivData.hs2
-rw-r--r--src/Propellor/Property/Ssh.hs32
-rw-r--r--src/Propellor/Types.hs5
3 files changed, 23 insertions, 16 deletions
diff --git a/src/Propellor/PrivData.hs b/src/Propellor/PrivData.hs
index 6253e924..2b27f221 100644
--- a/src/Propellor/PrivData.hs
+++ b/src/Propellor/PrivData.hs
@@ -55,7 +55,7 @@ withPrivData
-> Property
withPrivData s = withPrivData' snd [s]
--- Like withPrivData, but here any of a list of PrivDataFields can be used.
+-- Like withPrivData, but here any one of a list of PrivDataFields can be used.
withSomePrivData
:: (IsContext c, IsPrivDataSource s)
=> [s]
diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs
index 8b03d8a9..9a0b2153 100644
--- a/src/Propellor/Property/Ssh.hs
+++ b/src/Propellor/Property/Ssh.hs
@@ -23,6 +23,7 @@ import Utility.SafeCommand
import Utility.FileMode
import System.PosixCompat
+import qualified Data.Map as M
sshBool :: Bool -> String
sshBool True = "yes"
@@ -80,16 +81,16 @@ randomHostKeys = flagFile prop "/etc/ssh/.unique_host_keys"
ensureProperty $ scriptProperty
[ "DPKG_MAINTSCRIPT_NAME=postinst DPKG_MAINTSCRIPT_PACKAGE=openssh-server /var/lib/dpkg/info/openssh-server.postinst configure" ]
--- | When a host has a well-known public key, this can be used to indicate
--- what the key is. It does not cause the key to be installed.
-pubKey :: String -> Property
-pubKey k = pureInfoProperty ("ssh pubkey known") $
- mempty { _sshPubKey = Val k }
+-- | When a host has a well-known public host key, this can be used
+-- to indicate what the key is. It does not cause the key to be installed.
+pubKey :: SshKeyType -> String -> Property
+pubKey t k = pureInfoProperty ("ssh pubkey known") $
+ mempty { _sshPubKey = M.singleton t k }
-getPubKey :: Propellor (Maybe String)
-getPubKey = askInfo _sshPubKey
+getPubKey :: Propellor (M.Map SshKeyType String)
+getPubKey = asks (_sshPubKey . hostInfo)
--- | Installs all commonly used types of ssh host keys from the privdata.
+-- | Installs all commonly used types of ssh host keys.
hostKeys :: IsContext c => c -> Property
hostKeys ctx = propertyList "known ssh host keys"
[ hostKey SshDsa ctx
@@ -97,7 +98,11 @@ hostKeys ctx = propertyList "known ssh host keys"
, hostKey SshEcdsa ctx
]
--- | Installs a single ssh host key from the privdata.
+-- | Installs a single ssh host key.
+--
+-- The private key comes from the privdata.
+--
+-- The public key is set using 'pubKey'.
hostKey :: IsContext c => SshKeyType -> c -> Property
hostKey keytype context = combineProperties desc
[ installkey (keysrc ".pub" (SshPubKey keytype "")) (install writeFile ".pub")
@@ -150,22 +155,23 @@ fromKeyType SshDsa = "dsa"
fromKeyType SshEcdsa = "ecdsa"
fromKeyType SshEd25519 = "ed25519"
--- | Puts some host's ssh public key, as set using 'pubKey',
+-- | Puts some host's ssh public key(s), as set using 'pubKey',
-- into the known_hosts file for a user.
knownHost :: [Host] -> HostName -> UserName -> Property
knownHost hosts hn user = property desc $
go =<< fromHost hosts hn getPubKey
where
desc = user ++ " knows ssh key for " ++ hn
- go (Just (Just k)) = do
+ go (Just m) | not (M.null m) = do
f <- liftIO $ dotFile "known_hosts" user
ensureProperty $ combineProperties desc
[ File.dirExists (takeDirectory f)
- , f `File.containsLine` (hn ++ " " ++ k)
+ , f `File.containsLines`
+ (map (\k -> hn ++ " " ++ k) (M.elems m))
, File.ownerGroup f user user
]
go _ = do
- warningMessage $ "no configred sshPubKey for " ++ hn
+ warningMessage $ "no configred pubKey for " ++ hn
return FailedChange
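Review bot: The known_hosts lines produced by `f `File.containsLines` (map (\k -> hn ++ " " ++ k) (M.elems m))` are only ever added, never reconciled, so when a host's key of a given SshKeyType is replaced via 'pubKey' the previous line stays in the user's known_hosts and the old key remains trusted alongside the new one; a sentence on knownHost's haddock such as `-- Lines for keys that are no longer set are not removed.` would make that visible, and a follow-up could drop stale lines for hn before adding. Because the key type is not written into the line, each map value is presumably the full public key line including its type prefix (as in a .pub file); that expectation is worth stating on 'pubKey', whose SshKeyType argument is not checked against the string. The rewritten warning at the end of the hunk still carries the pre-existing typo, `warningMessage $ "no configured pubKey for " ++ hn`.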
-- | Makes a user have authorized_keys from the PrivData
diff --git a/src/Propellor/Types.hs b/src/Propellor/Types.hs
index fc10cb20..ca3a9582 100644
--- a/src/Propellor/Types.hs
+++ b/src/Propellor/Types.hs
@@ -37,6 +37,7 @@ import System.Posix.Types
import "mtl" Control.Monad.RWS.Strict
import "MonadCatchIO-transformers" Control.Monad.CatchIO
import qualified Data.Set as S
+import qualified Data.Map as M
import qualified Propellor.Types.Dns as Dns
import Propellor.Types.OS
@@ -176,7 +177,7 @@ data CmdLine
data Info = Info
{ _os :: Val System
, _privDataFields :: S.Set (PrivDataField, HostContext)
- , _sshPubKey :: Val String
+ , _sshPubKey :: M.Map SshKeyType String
, _aliases :: S.Set HostName
, _dns :: S.Set Dns.Record
, _namedconf :: Dns.NamedConfMap
@@ -190,7 +191,7 @@ instance Monoid Info where
mappend old new = Info
{ _os = _os old <> _os new
, _privDataFields = _privDataFields old <> _privDataFields new
- , _sshPubKey = _sshPubKey old <> _sshPubKey new
+ , _sshPubKey = _sshPubKey new `M.union` _sshPubKey old
, _aliases = _aliases old <> _aliases new
, _dns = _dns old <> _dns new
, _namedconf = _namedconf old <> _namedconf new
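Review bot: `M.union` is left-biased, so the new line `_sshPubKey = _sshPubKey new `M.union` _sshPubKey old` makes a later-set key silently replace an earlier one of the same SshKeyType instead of accumulating like the neighbouring `old <> new` fields; that is presumably the intent (one key per type), but it is the only field with that precedence and deserves a comment, e.g. `-- left-biased union: a key set later wins for its SshKeyType`. The corresponding `mempty` for this field lies outside the hunk and presumably becomes `M.empty`; confirm it was updated together with this change.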