Puppet Class: profile::dns::auth::acmechief_target
- Defined in:
- modules/profile/manifests/dns/auth/acmechief_target.pp
Overview
SPDX-License-Identifier: Apache-2.0
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
# File 'modules/profile/manifests/dns/auth/acmechief_target.pp', line 2
class profile::dns::auth::acmechief_target(
Array[Stdlib::Host] $acmechief_hosts = lookup('profile::dns::auth::acmechief_target::acmechief_hosts'),
){
user { 'acme-chief':
ensure => present,
system => true,
home => '/nonexistent',
shell => '/bin/bash',
}
ssh::userkey { 'acme-chief':
content => secret('keyholder/authdns_acmechief.pub'),
}
sudo::user { 'acme-chief':
privileges => [
'ALL = (gdnsd) NOPASSWD: /usr/bin/gdnsdctl -- acme-dns-01 *',
],
}
$hosts = join($acmechief_hosts, ' ')
ferm::service { 'acmechief_dns_ssh':
proto => 'tcp',
port => '22',
srange => "(@resolve((${hosts})) @resolve((${hosts}), AAAA))",
}
}
|