Commit 59a0c615 authored by Your Name's avatar Your Name

sshkeys

parent b3c4b6ab
......@@ -84,7 +84,14 @@ if [ ! -z "$DISK" ]; then
echo "${VMNAME}" > "${MOUNTDIR}/etc/hostname"
/bin/mkdir -m 0700 "${MOUNTDIR}/root/.ssh"
echo "${AUTHKEY}" > "${MOUNTDIR}/root/.ssh/authorized_keys"
#FIXME
#echo "${AUTHKEY}" > "${MOUNTDIR}/root/.ssh/authorized_keys"
cat /usr/local/etc/ssh_keys.txt > "${MOUNTDIR}/root/.ssh/authorized_keys"
/bin/chmod 600 "${MOUNTDIR}/root/.ssh/authorized_keys"
echo "/dev/vda / ext4 errors=remount-ro 0 1" > "${MOUNTDIR}/etc/fstab"
......@@ -102,7 +109,6 @@ if [ ! -z "$DISK" ]; then
echo "nameserver ${DNS}" > "${MOUNTDIR}/etc/resolv.conf"
#FIXME: take admins from hiera https://git.puscii.nl/puppetexp/control/blob/production/site-modules/profile/manifests/lag.pp
/usr/bin/gpg --no-autostart --no-tty --homedir "${MOUNTDIR}/root/.gnupg" --import /usr/local/etc/admins.asc
/usr/bin/gpg --no-autostart --no-tty --homedir "${MOUNTDIR}/root/.gnupg" --import-ownertrust < /usr/local/etc/otrust.txt
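Review bot: The `cat /usr/local/etc/ssh_keys.txt > "${MOUNTDIR}/root/.ssh/authorized_keys"` line never checks that the source file exists and is non-empty. The redirection creates the target before `cat` runs, so a missing file leaves an empty `authorized_keys`, and provisioning continues unless the script runs under `set -e` (not visible here). Guard the copy with `[ -s /usr/local/etc/ssh_keys.txt ] || { echo "ssh_keys.txt missing or empty" >&2; exit 1; }`, adapted to whatever cleanup path the script uses. Assuming the `echo "${AUTHKEY}"` line is the removed side, every guest now gets the same host-wide root key set and `${AUTHKEY}` is silently ignored, so the bare `#FIXME` should say so, e.g. `# FIXME: temporary - installs the shared key file from the hypervisor; restore per-VM ${AUTHKEY}`. The enclosing `if [ ! -z "$DISK" ]` block starts and ends outside the hunk.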
......
......@@ -14,14 +14,21 @@ define hypervisor::network (
bridge => "$name",
}
# configures hypervisor as the gateway for now
network::interface { "$name":
method => 'manual',
bridge_ports => ['none'],
bridge_stp => 'off',
bridge_fd => 0,
ipaddress => $gateway,
address => $gateway,
netmask => $netmask,
}
sysctl { 'net.ipv4.ip_forward': value => '1' }
}
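Review bot: `sysctl { 'net.ipv4.ip_forward': value => '1' }` has a fixed title inside the `hypervisor::network` define, so declaring a second network on the same node would fail catalog compilation with a duplicate declaration. Move it to a class that is included once, or use stdlib's `ensure_resource('sysctl', 'net.ipv4.ip_forward', { 'value' => '1' })`. Forwarding is also enabled host-wide rather than per bridge, so the comment `# configures hypervisor as the gateway for now` should name the firewall rules that limit what guests on the bridge can reach; none are visible in this section. Both `ipaddress => $gateway,` and `address => $gateway,` appear because the page lost its `+`/`-` markers, and presumably only one is on the new side. The define's parameter list starts outside the hunk.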