This recipe reads public ssh authorized keys from data bag and appends those in $HOME/.ssh/authorized_keys file It supports encrypted data bag
It Expects node[:ssh_auth_keys] to be a hash containing user name as key and data bag user name as value.
| Key | Type | Description |
|---|---|---|
| [:ssh_auth_keys] | Ruby Hash | Ruby hash specifying user_name => databag_name |
You can define hash in wrapper cookbook's default attributes as follows
default['ssh_auth_keys']['user_name'] = ["databag1", "databag2",.....]
Additional attributes can be tweaked see attributes/default.rb for Additional self explanatory attributes
.....wrapper_cookbook/attributes/default.rb
default['ssh_auth_keys']['root'] = ["user1", "user2", "bipin"]
default["ssh_auth_keys"]['bips'] = ["bipin"]
- Centos-6.9
- Centos-7.3
- Centos-7.4
- Chef 12.0 or later
You can define hash in wrapper cookbook's default attributes as follows
default['ssh_auth_keys']['user_name'] = ["databag1", "databag2",.....]
.....wrapper_cookbook/attributes/default.rb
default['ssh_auth_keys']['root'] = ["user1", "user2", "bipin"]
default["ssh_auth_keys"]['bips'] = ["bipin"]
And just include ssh_auth_keys in your wrapper recipe:
include_recipe "ssh_auth_keys"
Node Configuration and run_list can be defined in json format:
Node configuration example to create authorized_keys for user root from data bag user1 user2 and bipin:
{
"ssh_auth_keys": {
"root": ["user1", "user2", "bipin"]
},
"run_list": [
"recipe[ssh_auth_keys]"
]
}
{
"ssh_auth_keys": {
"root": "user1"
},
"run_list": [
"recipe[ssh_auth_keys]"
]
}
- Fork the repository on Github
- Create a named feature branch (like
add_component_x) - Write your change
- Write tests for your change (if applicable)
- Run the tests, ensuring they all pass
- Submit a Pull Request using Github
Authors: TODO: List authors