http://blog.brachium-system.net/ Weblog of an System Engineer en Serendipity 1.5.1 - http://www.s9y.org/ http://blog.brachium-system.net/templates/default/img/s9y_banner_small.png http://blog.brachium-system.net/ 100 21 http://blog.brachium-system.net/archives/123-SSH-public-key-distribution-with-puppet.html debian puppet work http://blog.brachium-system.net/archives/123-SSH-public-key-distribution-with-puppet.html#comments http://blog.brachium-system.net/wfwcomment.php?cid=123 0 http://blog.brachium-system.net/rss.php?version=2.0&type=comments&cid=123 nospam@example.com (Jonas Genannt) The last years I have used several tools to distribute the public ssh keys of my users across the servers but they don't fit anymore. I use puppet for my infrastructure but the build in puppet feature <em>ssh_authorized_key</em> does not fit.<br /> <br /> I have different users across my servers and same users on many servers (e.g. web farms).<br /> <br /> One public ssh key can be an member of:<ul><br /> <li>an ssh public key group that is mapped to an user on an server</li><br /> <li>an ssh public key group that is mapped to an user on an sever group</li><br /> <li>an user mapped to an server</li><br /> <li>an user mapped to an server group</li><br /> </ul><br /> <a class="serendipity_image_link" href='http://blog.brachium-system.net/uploads/sshkeys1.jpeg'><!-- s9ymdb:55 --><img class="serendipity_image_left" width="512" height="257" src="http://blog.brachium-system.net/uploads/sshkeys1.jpeg" alt="" /></a><br clear="both"/><br /> I have created an <a href="https://github.com/hggh/servermgmt" title="ServerMGMT">Webapp</a> with an ajax interface. You can drag &amp; drop the ssh key groups or ssh keys to an user.<br /> <br /> The key will be deployed via an puppet parser function, you need the storeconfig feature in puppet.<br /> <br /> The webapp has got an own database (postgres) but you can merge the puppet storeconfig database to the server manager database (via an rake task). If you specify an regular expression on your server groups, an new merged server will be automatically added to the group and on the next run of puppet the keys from the server group will be deployed without any action from you.<br /> <br /> Puppet stuff:<ul><br /> <li><a href="https://github.com/hggh/servermgmt/blob/master/doc/puppet/modules/ssh/manifests/init.pp" title="Puppet SSH module">puppet module</a></li><br /> <li><a href="https://github.com/hggh/servermgmt/blob/master/extra/puppet/lib/ssh_public_keys.rb">puppet function to fetch the keys from the webapp</a></li><br /> <li><a href="https://github.com/hggh/servermgmt/blob/master/extra/facter/users.rb">fact to fetch existing users on the servers</a> (not needed, but features auto complete in the app) </li><br /> </ul><br /> <a class="serendipity_image_link" href='http://blog.brachium-system.net/uploads/sgmt_sshkey.jpg'><!-- s9ymdb:56 --><img class="serendipity_image_left" width="330" height="213" src="http://blog.brachium-system.net/uploads/sgmt_sshkey.jpg" alt="" /></a><br /> <br clear="both"/><br /> drag &amp; drop the ssh keys or the ssh key groups from right to left into the users on the servers or server groups<br /> <br /> <br /> <iframe src="http://player.vimeo.com/video/24034056?title=0&amp;byline=0&amp;portrait=0" width="400" height="300" frameborder="0"></iframe><p><a href="http://vimeo.com/24034056">public ssh key distribution with puppet and ajax interface</a> from <a href="http://vimeo.com/user3233269">Jonas</a> on <a href="http://vimeo.com">Vimeo</a>.</p><br /> Sat, 21 May 2011 03:51:00 +0200 http://blog.brachium-system.net/archives/123-guid.html http://blog.brachium-system.net/archives/122-Using-Nagios-for-Wordpress-Version-Checks.html control puppet work http://blog.brachium-system.net/archives/122-Using-Nagios-for-Wordpress-Version-Checks.html#comments http://blog.brachium-system.net/wfwcomment.php?cid=122 0 http://blog.brachium-system.net/rss.php?version=2.0&type=comments&cid=122 nospam@example.com (Jonas Genannt) <!-- s9ymdb:52 --><img class="serendipity_image_center" width="949" height="140" src="http://blog.brachium-system.net/uploads/wordpress_check.jpg" alt="" /><br /> <br /> I'm using Nagios to check for Wordpress Version updates and plugin updates - it's really nice. You don't need to login to wp-admin and check for version. An single PHP Cli script, that puppet installs and configures the nagios for every wordpress installation.<br /> <br /> Next step: create an all in wonder script that will upgrade wordpress and all plugins <img src="http://blog.brachium-system.net/templates/default/img/emoticons/smile.png" alt=":-)" style="display: inline; vertical-align: bottom;" class="emoticon" /><br /> <br /> Update: Script: <a href="http://blog.brachium-system.net/uploads/check_wordpress" title="check_wordpress" target="_blank">check_wordpress</a> Thu, 24 Feb 2011 00:35:49 +0100 http://blog.brachium-system.net/archives/122-guid.html