Commit
fc7c0aea
authored
Aug 24, 2016
by
Nicolas Wavrant
pbs/sshkeys_authority: adds support for openssh, and support port in known_hosts file
parent
6ff8f9d2
Showing
2 changed files
with
16 additions
and
5 deletions
+16
-5
slapos/recipe/pbs.py
slapos/recipe/pbs.py
+2
-1
slapos/recipe/sshkeys_authority.py
slapos/recipe/sshkeys_authority.py
+14
-4
slapos/recipe/pbs.py
...
@@ -249,7 +249,8 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
...
@@ -249,7 +249,8 @@ class Recipe(GenericSlapRecipe, Notify, Callback):
# Create known_hosts file by default.
# Create known_hosts file by default.
# In some case, we don't want to create it (case where we share IP mong partitions)
# In some case, we don't want to create it (case where we share IP mong partitions)
if
not
self
.
isTrueValue
(
self
.
options
.
get
(
'ignore-known-hosts-file'
)):
if
not
self
.
isTrueValue
(
self
.
options
.
get
(
'ignore-known-hosts-file'
)):
known_hosts_file
[
parsed_url
.
hostname
]
=
entry
[
'server-key'
]
known_hostname
=
"[%s]:%s"
%
(
parsed_url
.
hostname
,
parsed_url
.
port
)
known_hosts_file
[
known_hostname
]
=
entry
[
'server-key'
].
strip
()
notifier_wrapper_path
=
os
.
path
.
join
(
self
.
options
[
'wrappers-directory'
],
slave_id
)
notifier_wrapper_path
=
os
.
path
.
join
(
self
.
options
[
'wrappers-directory'
],
slave_id
)
rdiff_wrapper_path
=
notifier_wrapper_path
+
'_raw'
rdiff_wrapper_path
=
notifier_wrapper_path
+
'_raw'
...
...
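Review bot: The new `known_hostname` line formats `parsed_url.port` unconditionally, so a URL with no explicit port yields the key `[host]:None`, and that entry can never match the server. OpenSSH also records hosts on the default port as the bare hostname rather than `[host]:22`, so a default-port entry written in bracket form would likely not match either, and the connection then depends on whatever StrictHostKeyChecking policy the wrapper uses. Consider `port = parsed_url.port or 22` followed by `known_hostname = parsed_url.hostname if port == 22 else "[%s]:%s" % (parsed_url.hostname, port)`. The enclosing method of Recipe starts and ends outside this hunk, so the ssh invocation itself is not visible here.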
slapos/recipe/sshkeys_authority.py
...
@@ -33,18 +33,24 @@ import re
...
@@ -33,18 +33,24 @@ import re
from
slapos.recipe.librecipe
import
GenericBaseRecipe
from
slapos.recipe.librecipe
import
GenericBaseRecipe
from
slapos.recipe.librecipe.inotify
import
subfiles
from
slapos.recipe.librecipe.inotify
import
subfiles
# This authority only works with dropbear
sshkey generator
# This authority only works with dropbear
or openssh sshkey generators
def
sshkeys_authority
(
args
):
def
sshkeys_authority
(
args
):
requests_directory
=
args
[
'requests'
]
requests_directory
=
args
[
'requests'
]
keygen_binary
=
args
[
'sshkeygen'
]
keygen_binary
=
args
[
'sshkeygen'
]
if
'openssh'
in
keygen_binary
:
authority_type
=
'openssh'
else
:
# Keep dropbear for compatibility
authority_type
=
'dropbear'
for
request_filename
in
subfiles
(
requests_directory
):
for
request_filename
in
subfiles
(
requests_directory
):
with
open
(
request_filename
)
as
request_file
:
with
open
(
request_filename
)
as
request_file
:
request
=
json
.
load
(
request_file
)
request
=
json
.
load
(
request_file
)
key_type
=
request
.
get
(
'type'
,
'rsa'
)
key_type
=
request
.
get
(
'type'
,
'rsa'
)
size
=
str
(
request
.
get
(
'size'
,
2048
))
size
=
str
(
request
.
get
(
'size'
,
4096
))
try
:
try
:
private_key
=
request
[
'private_key'
]
private_key
=
request
[
'private_key'
]
public_key
=
request
[
'public_key'
]
public_key
=
request
[
'public_key'
]
...
@@ -54,6 +60,10 @@ def sshkeys_authority(args):
...
@@ -54,6 +60,10 @@ def sshkeys_authority(args):
if
not
os
.
path
.
exists
(
private_key
):
if
not
os
.
path
.
exists
(
private_key
):
if
os
.
path
.
exists
(
public_key
):
if
os
.
path
.
exists
(
public_key
):
os
.
unlink
(
public_key
)
os
.
unlink
(
public_key
)
if
authority_type
==
'openssh'
:
keygen_cmd
=
[
keygen_binary
,
'-N'
,
""
,
'-C'
,
""
,
'-t'
,
key_type
,
'-f'
,
private_key
,
'-b'
,
size
]
else
:
keygen_cmd
=
[
keygen_binary
,
'-t'
,
key_type
,
'-f'
,
private_key
,
keygen_cmd
=
[
keygen_binary
,
'-t'
,
key_type
,
'-f'
,
private_key
,
'-s'
,
size
]
'-s'
,
size
]
# If the keygeneration return an non-zero status, it means there's a
# If the keygeneration return an non-zero status, it means there's a
...
...
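Review bot: The backend is chosen with `if 'openssh' in keygen_binary:`, a substring test on the whole configured path, so the command-line flavour depends on how the install directory happens to be named rather than on the program being run. An explicit option, or a test on `os.path.basename(keygen_binary)`, would be less fragile; a short comment stating what value `args['sshkeygen']` is expected to hold would also help. In the openssh branch `-b size` is appended for every `key_type`, with 4096 as the new default; that value is valid for rsa but ssh-keygen rejects it for ecdsa, so a request without `size` fails for that type. `key_type` and `size` are read from the request JSON and passed through unchecked; an allow-list for the type and a per-type size check before building `keygen_cmd` would keep weak or invalid parameters out. The body of sshkeys_authority continues outside both hunks, so the handling of the non-zero exit status is not visible here.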