summaryrefslogtreecommitdiff
path: root/doc/forum/--spin_tries_to_pull_from_central_repository__63__/comment_4_75a0a229527a7c0c1633b4bd8e461607._comment
blob: e60cd5bbe3247cabb4ce2ec148a1bbcc103291d8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
[[!comment format=mdwn
 username="david"
 avatar="http://cdn.libravatar.org/avatar/22c2d800db6a7699139df604a67cb221"
 subject="pulling from a central repo via ssh"
 date="2018-08-25T18:50:39Z"
 content="""
I ended up updating to a more recent propellor for other reasons, but here's my hack to have propellor fetch over ssh:
[[!format haskell \"\"\"
rootSsh :: Property (HasInfo + UnixLike)
rootSsh = propertyList \"ssh setup for root\" $ props
  & Ssh.userKeyAt (Just keypath) (User \"root\") (Context \"propellor\") (SshRsa, Tethera.Keys.propellor_deploy_ssh)
  & Ssh.knownHost hosts \"gitolite.tethera.net\" (User \"root\")
  & File.containsBlock configpath [ \"Host propellor-deploy\"
                               , \"     Hostname gitolite.tethera.net\"
                               , \"     User git\"
                               , \"     IdentityFile ~/.ssh/propellor_deploy\"
                               ]
  where
    keypath = \"/root/.ssh/propellor_deploy\"
    configpath = \"/root/.ssh/config\"
\"\"\"]]

Propellor is used to initially deply a passwordless role key that can be used to pull from the central repo.
One thing that surprised me a bit is that Ssh.userKeyAt expects an absolute path, or a path relative to /usr/local/propellor.


"""]]