swedenconnect/eid-ops
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Run new setup for SSH keys

Browse source 
SC-1773
This commit is contained in:
Maria Haider 2024-01-11 11:26:37 +01:00
parent 57d7988a2e
commit 128f9c6b59
Signed by: mariah
GPG key ID: 7414A760CA747E57
2 changed files with 2 additions and 333 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

76
global/overlay/etc/puppet/cosmos-rules.yaml
View file

@ -3,6 +3,7 @@
nrpe:
entropyclient:
infra_ca_rp:
sunetops:
mailclient:
domain: sunet.se
sunet::rsyslog:
@ -12,8 +13,6 @@
jmp.komreg.net:
konsulter:
sunetops:
metadatamgrs:
sunet_iaas_cloud:
autoupdate:
sunet::auditd:
@ -23,15 +22,12 @@ jmp.komreg.net:
'^jump-.+\.komreg\.net$':
konsulter:
sunetops:
metadatamgrs:
autoupdate:
jumphosts:
sunet::server:
ssh_allow_from_anywhere: true
kvmfe-tug-3.komreg.net:
sunetops:
eid::kvmhost:
vms:
fe-tug-3.komreg.net:
@ -60,7 +56,6 @@ kvmfe-tug-3.komreg.net:
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvminfra-tug-3.komreg.net:
sunetops:
eid::kvmhost:
vms:
log-2.sveidas.se:
@ -98,7 +93,6 @@ kvminfra-tug-3.komreg.net:
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmmeta-tug-3.komreg.net:
sunetops:
eid::kvmhost:
vms:
natmd-2.komreg.net:
@ -143,7 +137,6 @@ kvmmeta-tug-3.komreg.net:
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmeidas-tug-3.komreg.net:
sunetops:
eid::kvmhost:
vms:
eidas-connector-2.sveidas.se:
@ -214,7 +207,6 @@ kvmeidas-tug-3.komreg.net:
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmfe-fre-3.komreg.net:
sunetops:
eid::kvmhost:
vms:
fe-fre-3.komreg.net:
@ -243,7 +235,6 @@ kvmfe-fre-3.komreg.net:
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvminfra-fre-3.komreg.net:
sunetops:
eid::kvmhost:
vms:
monitor-fre-3.komreg.net:
@ -281,7 +272,6 @@ kvminfra-fre-3.komreg.net:
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmmeta-fre-3.komreg.net:
sunetops:
eid::kvmhost:
vms:
natmd-1.komreg.net:
@ -326,7 +316,6 @@ kvmmeta-fre-3.komreg.net:
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmeidas-fre-3.komreg.net:
sunetops:
eid::kvmhost:
vms:
eidas-connector-1.sveidas.se:
@ -397,7 +386,6 @@ kvmeidas-fre-3.komreg.net:
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmdemw-fre-3a.komreg.net:
sunetops:
eid::kvmhost:
vms:
demw-1.sveidas.se:
@ -413,7 +401,6 @@ kvmdemw-fre-3a.komreg.net:
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
kvmdemw-fre-3b.komreg.net:
sunetops:
eid::kvmhost:
vms:
demw-2.sveidas.se:
@ -428,30 +415,25 @@ kvmdemw-fre-3b.komreg.net:
image_url: 'https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img'
monitor-fre-3.komreg.net:
sunetops:
autoupdate:
eid::nagios_monitor:
monitor-tug-3.komreg.net:
sunetops:
autoupdate:
eid::nagios_monitor:
country-test-1.test.komreg.net:
sunetops:
autoupdate:
eid::dockerhost:
version: '5:24.0.5-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
natmd-1.komreg.net:
sunetops:
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
write_daemon_config: true
metadatamgrs:
konsulter:
sunet::metadata::pyff_compose:
pyff_imagetag: swamid-2023-10-24
@ -470,13 +452,11 @@ natmd-1.komreg.net:
signed_repo: true
natmd-test-1.komreg.net:
sunetops:
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
write_daemon_config: true
metadatamgrs:
konsulter:
sunet::metadata::pyff_compose:
pyff_imagetag: swamid-2023-10-24
@ -495,11 +475,9 @@ natmd-test-1.komreg.net:
signed_repo: true
eumd-1.komreg.net:
sunetops:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
metadatamgrs:
konsulter:
eidas_hsm_client:
md_signer:
@ -509,11 +487,9 @@ eumd-1.komreg.net:
md_repo_client:
eumd-test-1.komreg.net:
sunetops:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
metadatamgrs:
konsulter:
md_repo_client:
eidas_hsm_client:
@ -523,7 +499,6 @@ eumd-test-1.komreg.net:
version: 1.1.5-eidas
natpub-1.komreg.net:
sunetops_new:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
@ -540,7 +515,6 @@ natpub-1.komreg.net:
port: '443'
natpub-test-1.komreg.net:
sunetops_new:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
@ -557,7 +531,6 @@ natpub-test-1.komreg.net:
port: '443'
eupub-1.komreg.net:
sunetops:
autoupdate:
md_publisher:
keyname: eupub-1.komreg.net_infra
@ -572,7 +545,6 @@ eupub-1.komreg.net:
port: '443'
eupub-test-1.komreg.net:
sunetops:
autoupdate:
md_publisher:
keyname: eupub-test-1.komreg.net_infra
@ -587,13 +559,11 @@ eupub-test-1.komreg.net:
port: '443'
natmd-2.komreg.net:
sunetops:
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
write_daemon_config: true
metadatamgrs:
konsulter:
sunet::metadata::pyff_compose:
pyff_imagetag: swamid-2023-10-24
@ -612,13 +582,11 @@ natmd-2.komreg.net:
signed_repo: true
natmd-test-2.komreg.net:
sunetops:
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
write_daemon_config: true
metadatamgrs:
konsulter:
sunet::metadata::pyff_compose:
pyff_imagetag: swamid-2023-10-24
@ -637,11 +605,9 @@ natmd-test-2.komreg.net:
signed_repo: true
eumd-2.komreg.net:
sunetops:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
metadatamgrs:
konsulter:
eidas_hsm_client:
md_signer:
@ -651,11 +617,9 @@ eumd-2.komreg.net:
md_repo_client:
eumd-test-2.komreg.net:
sunetops:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
metadatamgrs:
konsulter:
md_repo_client:
eidas_hsm_client:
@ -665,7 +629,6 @@ eumd-test-2.komreg.net:
version: 1.1.5-eidas
natpub-2.komreg.net:
sunetops_new:
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
@ -683,7 +646,6 @@ natpub-2.komreg.net:
port: '443'
natpub-test-2.komreg.net:
sunetops_new:
autoupdate:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
@ -700,7 +662,6 @@ natpub-test-2.komreg.net:
port: '443'
eupub-2.komreg.net:
sunetops:
autoupdate:
md_publisher:
keyname: eupub-2.komreg.net_infra
@ -715,7 +676,6 @@ eupub-2.komreg.net:
port: '443'
eupub-test-2.komreg.net:
sunetops:
autoupdate:
md_publisher:
keyname: eupub-test-2.komreg.net_infra
@ -730,7 +690,6 @@ eupub-test-2.komreg.net:
port: '443'
nic.komreg.net:
sunetops:
sunet_iaas_cloud:
autoupdate:
konsulter:
@ -739,7 +698,6 @@ nic.komreg.net:
version: '5:23.0.6-1~ubuntu.20.04~focal'
r1.komreg.net:
sunetops:
sunet_iaas_cloud:
autoupdate:
eid::dockerhost:
@ -756,7 +714,6 @@ p1.komreg.net:
- 'se-fre-lb-1.sunet.se'
- 'se-tug-lb-1.sunet.se'
port: '443'
sunetops_new:
autoupdate:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
@ -767,7 +724,6 @@ p1.komreg.net:
validate_cert: '/var/www/html/qa.swedenconnect.se.cert'
p2.qa.komreg.net:
sunetops:
sunet_iaas_cloud:
autoupdate:
md_publisher:
@ -783,13 +739,11 @@ p2.qa.komreg.net:
port: '443'
md1.komreg.net:
sunetops:
autoupdate:
eidas_metadata_key:
eid::dockerhost:
version: '5:24.0.7-1~ubuntu.20.04~focal'
storage_driver: 'overlay2'
metadatamgrs:
konsulter:
sunet::metadata::pyff_compose:
pyff_imagetag: swamid-2023-10-24
@ -806,10 +760,8 @@ md1.komreg.net:
signed_repo: true
md-eu1.qa.komreg.net:
sunetops:
sunet_iaas_cloud:
autoupdate:
metadatamgrs:
konsulter:
eidas_metadata_key:
md_signer:
@ -821,7 +773,6 @@ md-eu1.qa.komreg.net:
md_repo_client:
'^test-[0-9]+\.qa\.sveidas\.se$':
sunetops:
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
@ -839,7 +790,6 @@ md-eu1.qa.komreg.net:
port: '443'
test-1.test.sveidas.se:
sunetops:
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
@ -858,7 +808,6 @@ test-1.test.sveidas.se:
port: '443'
'^demw-[0-9]+\.qa\.sveidas\.se$':
sunetops:
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
@ -881,7 +830,6 @@ test-1.test.sveidas.se:
port: '443'
demw-1.sveidas.se:
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
docker_repo: stable
@ -904,7 +852,6 @@ demw-1.sveidas.se:
port: '443'
demw-2.sveidas.se:
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
docker_repo: stable
@ -920,7 +867,6 @@ demw-2.sveidas.se:
enabled: false
'^refidp-[0-9]+\.qa\.sveidas\.se$':
sunetops:
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
@ -939,7 +885,6 @@ demw-2.sveidas.se:
port: '443'
'^refidp-[0-9]+\.test\.sveidas\.se$':
sunetops:
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
@ -958,7 +903,6 @@ demw-2.sveidas.se:
port: '443'
'^eidas-test-[0-9]+\.sveidas\.se$':
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
@ -976,7 +920,6 @@ demw-2.sveidas.se:
port: '443'
'^eidas-connector-[0-9]+\.sveidas\.se$':
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
docker_repo: stable
@ -994,7 +937,6 @@ demw-2.sveidas.se:
port: '443'
'^prid-[0-9]+\.sveidas\.se$':
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
docker_repo: stable
@ -1007,7 +949,6 @@ demw-2.sveidas.se:
mdsl: https://md.eidas.swedenconnect.se/mdservicelist-aggregate.xml
'^validator-[0-9]+\.komreg\.net$':
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
@ -1023,7 +964,6 @@ demw-2.sveidas.se:
port: '443'
validator-test-1.komreg.net:
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
@ -1039,7 +979,6 @@ validator-test-1.komreg.net:
port: '443'
'^eidas-proxy-[0-9]+\.sveidas\.se$':
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
@ -1058,7 +997,6 @@ validator-test-1.komreg.net:
port: '443'
log-2.sveidas.se:
sunetops:
autoupdate:
konsulter:
eidas_log:
@ -1069,7 +1007,6 @@ log-2.sveidas.se:
udp_port: 514
udp_client: 94.176.224.0/24
log-1.sveidas.se:
sunetops:
autoupdate:
konsulter:
eid::dockerhost:
@ -1081,7 +1018,6 @@ log-1.sveidas.se:
udp_client: 94.176.224.0/24
'^eidas-node-[0-9]+\.qa\.sveidas\.se$':
sunetops:
konsulter:
sunet_iaas_cloud:
autoupdate:
@ -1099,7 +1035,6 @@ log-1.sveidas.se:
port: '443'
'^eidas-connector-[0-9]+\.test\.sveidas\.se$':
sunetops:
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
@ -1122,7 +1057,6 @@ log-1.sveidas.se:
port: '443'
'^eidas-proxy-[0-9]+\.qa\.sveidas\.se$':
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
konsulter:
@ -1143,7 +1077,6 @@ log-1.sveidas.se:
port: '443'
'^eidas-proxy-[0-9]+\.test\.sveidas\.se$':
sunetops:
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
@ -1164,7 +1097,6 @@ log-1.sveidas.se:
port: '443'
'^prid-[0-9]+\.qa\.sveidas\.se$':
sunetops:
konsulter:
sunet_iaas_cloud:
autoupdate:
@ -1177,7 +1109,6 @@ log-1.sveidas.se:
mdsl: https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml
'^fe-.+-\d+\.komreg\.net$':
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
docker_repo: stable
@ -1185,14 +1116,12 @@ log-1.sveidas.se:
fe_servers:
'^fe-.+-\d+\.test\.komreg\.net$':
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
sunet::frontend::load_balancer:
fe_servers:
log.qa.sveidas.se:
sunetops:
sunet_iaas_cloud:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
@ -1207,7 +1136,6 @@ log.qa.sveidas.se:
udp_port: 514
log-1.test.sveidas.se:
sunetops:
autoupdate:
sunet_iaas_cloud:
eid::dockerhost:
@ -1218,7 +1146,6 @@ log-1.test.sveidas.se:
udp_port: 514
eidastest-1.qa.sveidas.se:
sunetops:
eid::dockerhost:
version: '5:23.0.6-1~ubuntu.20.04~focal'
sunet_iaas_cloud:
@ -1238,7 +1165,6 @@ eidastest-1.qa.sveidas.se:
port: '443'
'^relay-[0-9]+\.swedenconnect\.se$':
sunetops:
sunet_iaas_cloud:
autoupdate:
eid::relay:

259
global/overlay/etc/puppet/manifests/cosmos-site.pp
View file

@ -777,264 +777,7 @@ class pages($version=undef) {
ensure_resource('class','webserver',{})
}
class metadatamgrs {
ssh_authorized_key {'bjorn_mattsson+000606447540':
ensure => absent,
name => 'bjorn.mattsson@bth.se-cardno:000606447540',
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDEWat69rLNIV4CXzsYKJwfT57vZJPLAiJE6jEdSWkl4yTHHl/d/fPzcCPH7FRl4O56xS0WwDn6HDeUvUBFMMH+1Jto98jhlTEcRjdn/BR9VA2nIfuEpvhZ7/m12nUeDDKISJOT9/vMZBWD3x3E4YscJm+gbyImhQ8iERTjur3eC4O4o7l9t0Uy6+wn37CwoyGCsxUVOBoptZOtA6pJ+BTEfzbt8hW2udTqg0pvSpKFQfP87Ioi1mfhRXBbvjS53sbmD/CMj8X6cs8n6zXriggaB2Iy0jfDsgLQHqUxaP2qKR4O76I1ewzkt0OXpanbgljjsDBA+cHWe1A5ViITika7Wf9qiIPKYQdknmKuuckg5c+3K+HRokwSH/2gDjIx1Ziw9eRvF3g3wctGwjAqmu+7CQmXEAlRBeMEGzj9plXOeUbo/a7VJiBIMdfs/gVUTvfnCjq1P/Wz4VO6DhWsC7GFiW7Df2El1kjKDIRwO5KypHSBOleagSLZIt3yn+mEQE+gBfoMin/KJ6C0dnWaA398AZ/pLyjL2C5ZHArt/1MwmVzHbG7JGseHXMcrLPzDUmfB0J1pmrJfEStfwmenynG+xE7ZLf6HrSjEKT+6nzxBNC7C6v4oNlwEkS/EccQQK3STO4fbfYWiY9FhSNidAFZmcNVU5roaeyx5rJ7nt+X/uw==',
user => 'root'
}
#bjorn is added with sunetops
ssh_authorized_key {'bjorn_mattsson+000606484562':
ensure => absent,
name => 'bjorn.mattsson@bth.se-cardno:000604539918',
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDgsv4gJdi9oaylsrCC/F5fVa67jpAy8WMJPsjYUq1QkVwO+ZuN0ozTqslJf7tATw9YA8jOKahzfc+x1NFOCNkkmW+YaKtF7i8UYjGxRmwDSRCLWSSeXUuQUqz7NBRgPYu/6r/VjqrbHATpHftoAB5RkfzBPUTiLetqC8PHBorM/zrWj2CpBP6vQ4XveCq5GSBh4q4bi0SOaFKOJ+pPJR6L3PiVr76u3ryB5ZQZBZHG0gHI9wXFZcbEOzsSWHU/FKcHDI2QSWXaPtgk+sxHOoL1ZFuUS6i79sV4AFD/VaQAB+3P/QJf6seIM5AcC5fqrfBcVQe5RzC9mypbGuXim325DQBaNTtz3IZhH1IbJpA3b4x06fgjpp+2Z9qKtAZaZzNQPk+bguvyqtEZmI99l/Pa+qNTIe3x8W1960xO/jiyansd5uTBAq1+CGq5ccmVlvPlBuHPLNoV0WY4fnv8yTBj2LNYCvC9SWzmYkQ2ihZD/xauvdoV05A3iKBwxDT/LxPGfBY8YAGF5Cj3KpdTYFlUTOT3BHi3YXhcm4nzdhO4h1NP3HeEQGKPevx/POYADHUA3U7+uSkZxlT5lUl7mdHqNc+zVVHpz7PUBmdq3qVGG72K+X1G8ETtNrkfv/r7Mg7oXEjh5pkSUw8Yj1cQUcHE4js4PRqeC4n1/5hH90sweQ==',
user => 'root'
}
ssh_authorized_key {'paul_scott':
ensure => absent,
name => 'paul.scott@kau.se',
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQD3zTpDifYHWlsg3sIAOFKbseiHl/8CllfJS1KwqzDt3jZlIUgCN9KhEyQxldFI2qKRubltLK6b/L8oN4yMrBsXxrfLZThP4RDhhy+IVCnTt489Kg2E2lHqp0DC8pZrtIwS1E50G+Y1p0nS/MYpcxKX/SthDr5cRvNBZXm3C8Pii3BmFPWKy5nLcqQDsK3JeL1D6ss73Tn5XhUWjJTqo2OsU6XuYWyGpbjjMwf+T15ubJJOXztJLN9HLb9QdmZQxM2kKU6JIo2DW01lcGGmsSVdFLbmDfx9y9csNgn/C0QVyo6t9IV8jbbW4Qo6QsrL04ngHhxXkBv2HO5aWZvVTR5mZAuyXKOumbKSqGcU1nXNzNErO0bcK4jlQOtDvACEOUV5BJEAgcq0s943EGSgvPUaOKlp1PZauHBMQVAhWnguEUmytiVPbPN+kGy8H0zqoQaHtzdqNAw1F9pvy5AGwrCquWfNgqKP1heTMSUgbxJh5xET/QrgiFUpGpS7wOUvrp2TP//vkiLdy7wriwF1INxRN/rTrr4p3KMFoNkLGrSZc9EYv1J2o/csbO8LIs0oOKqZw98LOLi4qsWBOYAx9hSHBiej+Jj0mRIyGDt9GHPCscJ0yBJMaGy3+o3luIGfIiQpQkQqoiSz5fVIsh3IYd1RiSkO1Hm73PCEjbbhXGWJFQ==',
user => 'root'
}
ssh_authorized_key {'paul_scott-y5':
ensure => absent,
name => 'paul.scott@kau.se-yubikey5',
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDwAmCtqutG+WF2eqqYn+eXwLi1VoNm8TgR/IyNwgf5CP4Pi0K2XxZu2ntFUtOM4Ht5Sf/rD8Y6tFypNYzupMpCqvmub4VA8joGivChc44JuNHylYNvLdaRK3AKdL4Qpr+F6r3YCNGO4xHYbZOG9/JKFcBpFot3ggq96LIp+DpBHXYwQJ3wSjHDPX5xlTjAmgQ0dsBRQoEWIb1EZ7omBMk+e6B7nv9FfQ+kU7qk8p0qMInwUuaFj6P8OAKHQXC1ZmMBX2BKClxjR5wnOtmCTRz6ACDweyC5GK0RyCC0/jGhPkWnodskiCeOXpcnJF8a0gCvrfFdfg9oFHaKZwgjRKeyEWIOnhbiKdEDrnEvSX5OlRuKfaqhOYgsmRFwmOtPH3PKbymybs2KkesiZDJr1KCWwSXd/Bz7EivRX0nLDHEAMi+EASqUc99RtMWc31rYVHDmtPhXVGpqmLYIwODyC87dxKR+vBx6hbTdlIXLntKbipmSct/Y3EvdSpcNw5AFYPvPexfeF+C3ocIGtNgWsawadkMF+MDVSbU443VLvRprARaDfInyswKjqHWVuosXzWYS2rUAFX3NAnw7jAtvjfCswebiXTQwanQz6UhPl5w8tyze0LqTbiRTf+rKDwc1F6h+mv6zvHODYu2Kj+YnkEGO9vVEjPB+o1Jw2oLkawXlcQ==',
user => 'root'
}
}
class konsulter {
ssh_authorized_key {'stefan_santesson':
ensure => present,
name => 'stefan@aaa-sec.com',
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQCzUSLrRktEwMaJJ9Zna02Q/HkZ07wn5S9NnBlYarcN3SbE0Hy71YnC92Ojaa7H99a7qDFCHVL3KmarlJRYWAyCe+8nGvJUEcXZ6f9JnpEW7lvu0NykPldstYVqPCVI+rTdreggcM7JcDeZpRghAQ62Rbybl3j6BQ/tUJPexAAeWMFCsTzrtC8B8vo+2IdCytTzG+NLVGmzfN1SROElKSApcBvtBev0niZpspYd0O6VkCiTPBTgUN4wVjBivoCgA2wCT+YmK6G4NZM5Fz7uECSBfJxdlWAcHkR2DkEu57tG3Xmi74IKBFvSxELJ7mxWtDhv4yaBON2+lXXxyB0vyyCb',
user => 'root'
}
ssh_authorized_key {'martin_lindstrom':
ensure => present,
name => 'martin.lindstrom@litsec.se',
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQCdm3dGwsfYD0ANzW9vyR9s38ffwExFtb9Yk0n2QDNx+JXsA4PIsbXSfliNmhqg9TWcC9DfUcIbvE24fG1ZJzUTLyVqV/Z5JG4qmb+kZ1cwGNvlMluaboml516nY1cGHn0bhUg6BrxG/K4+BDyRLMghGzpnyqWgMlrqGhCmhCqr9NkYpPdYQUvFsTk3Rh+GhxHFSJuI7zjciOrkoDFbSPvIvPsPzVvQvCOc40/4UBy++I9oxR4+r+NIukp14AkYrJWqD2KtDFXsCFv7FFHj2em9GMcRjcUqH/DkIKxutxBTEY3ysVuk6BcdPQjr1iLCmPj46uqdfJSbCTks5MEqTtiw38zQwvu7UR664+xX6EEiXfUmos6G0HcnAZHUALHebH35mn2EMn5ay1u7GdKrVGABe01kzOGwHmuNb/L6qqXAoiTcEh/pqMMBQTGqcP7pMRvgRL++0Voh8mpE4UUrQ5nqnerSGPGvmqNBpF/QvsPWE9NC5knDfTu7jbTsVtHTP4rEXToM1Po4e2/aev+n2U4PUbJUDf/+ndfmZeyYYKC3FLMk5G/yuvI8gOK/CTiu1A3Pr27V7K6F7W4520YXYwGVrTWwnRfcFqzckajiWyg8lifFKLB8agQ43ByEPdVB/VWMOD1KLuZV4kZHijHaVdOa9lsvTeJuxI/CP5PwWC0VZw==',
user => 'root'
}
}
class sunetops {
# Allow hosts to configure sshd as needed
$sshd_config = $hostname ? {
'pypi' => false,
default => true,
}
# SSH config, create SSH authorized keys from Hiera
$ssh_authorized_keys = hiera_hash('ssh_authorized_keys', undef)
if is_hash($ssh_authorized_keys) {
create_resources('ssh_authorized_key', $ssh_authorized_keys)
}
ssh_authorized_key {'leifj+neo':
ensure => present,
name => 'leifj+neo@mnt.se',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDVvB4gdJ6EWRmx8xUSxrhoUNnWxEf8ZwAqhzC1+7XBY/hSd/cbEotLB9gxgqt0CLW56VU4FPLTw8snD8tgsyZN6KH1Da7UXno8oMk8tJdwLQM0Ggx3aWuztItkDfBc3Lfvq5T07YfphqJO7rcSGbS4QQdflXuOM9JLi6NStVao0ia4aE6Tj68pVVb3++XYvqvbU6NtEICvkTxEY93YpnRSfeAi64hsbaqSTN4kpeltzoSD1Rikz2aQFtFXE03ZC48HtGGhdMFA/Ade6KWBDaXxHGARVQ9/UccfhaR2XSjVxSZ8FBNOzNsH4k9cQIb2ndkEOXZXnjF5ZjdI4ZU0F+t7',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'ft+505152DD':
ensure => absent,
name => 'fredrik+505152DD@thulin.net',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQCnskRpNxWJE/YgDR3o6sMWwwmbUJ8f2SJa0gHfHM+fcxxC2zQN9/9mqJSxS1E9QdeuRbbHpYxEUtHoX0vSrmia/VALDiQAMps51RBqq6YlrYqvP/Rb0hZ0Z4/YgjTosLdu1PeTzih6mwbyNNF0+gY987Ig31qXQytNF+9G1oSY9dgBAq52lu170QXTRwum4B6Gh4/pCnM6xx+7nY2oqlgvl2wYHVAOJ39W9r4y9kBhcVs51XvJqYehjaoyKYf1+PzA0FsvhJkZuG6ws5eEGSB90lAzKGyFZXedvOLmnFmqAraoLeuKajHIFJDfKNfHHbYpn8ERIfVW66nbqlXFO2g3',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'ft+4030CCAD':
ensure => absent,
name => 'fredrik+4030CCAD@thulin.net',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDCb2Nkstl2A2Av34oAeugSFAUZisR44EiN3+QHCfNiv2UtMvGQsz2uVRGS0zA7j2PjcrEA1AcstriONBZF/TodARbirX7u7ibJo4gfFJctSMHMBncwSKt5BR6cuCZpW9E7f05tVc3Z1SU1XlAn0OUuAt6UwluEehEKLKXDIHWfsGejlOTpy6x+++6/o1gfMoXpxYDRK70z8jWPfN6i/tt2q+Y0gjZWQP4CHGzFEUtTpOlFoqN4TzXaJushBhdMsiKllOm9wzHFuxlU/hNbDfn00vdOTPYpHkUluQUE7NtNznpeTWpl5qYL+n4uIChxjeZRBmUgD9t8YU4t3UZNksD/',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'lundberg+9303C5DB':
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDAHMfn9PSWjGGAkMY6rh1yffdYgnlhoIC5E5NWdc5XUlY9oNYW2zhMpyhepfoh1YYv5V1QNTuO3f0zhD+ZeqPvnnA74fBM4yvWU4Qttwv2drsFOsU7nRbGSwQdww9IDidtxRuAjW5HJ9mTOJuYrIFAEHgg1Pv8sZKzHNWuZiz4I34CN2NbaZOu4eYG6pdzvB6kfYl5iL/esfhBZfegA+7x4qXvMLHEKb7wCRBABCfWu6Yy1E0jUdRWBFdqp5zsjuQlk8minh892m2C1tFcyub5dCWgLYtiQRpIjz16lMk1cM+fgS9YM7Ev62bBpRynU2wCfg1QpYMpxIq54q/XLlYv',
ensure => absent,
user => 'root',
name => 'lundberg+9303C5DB'
}
ssh_authorized_key {'lundberg+8D03C7D1':
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDPjXvKEL2vAngTdVu3MguEE6gfPH2UigGDPgPV5SBYm0UZ/gZBbB0CuoQjkKEIpq3gzcbLH8kG/00r8hkeBeMa+tfWBDvUXk3wQRw5fKw5StBJFC3C04atJBGlusx6C8stgdmj5SwFhHN86uzVWpqbqJ9TKId18UABgq1hEBMRRVymSXE5zAJ6nCOh2PLtRI8GAkd+Lye0MMh2zEtOIFeHZDd1AiocaLfKBKDUlTSe1+suktyzgQsxJynLlwLA8BXmOZe0/LcE6Nint1beNq/DoKNySxdFN8ebGAC/F7w+JX7hB/DZH7aZevwdDp8cuchoFDUvu3uAXwH5eulXLt+VUJbn3MzFn/rSGqbfdYRlRhAOyo5qSJ3E6DO8WVKCLpwrUXjc4fQT7FwA7JPElunuU8jKxL/PiE5cJlt2cgC6v9qn3C47n0yc7c/078a+34w1mWf2Mp/lqBIJJnOUvKzisKmpEW/t3D1iAFr2z14omPDS9Vnoo1/FrAwGPYGKCeirBDe0FwNzMpC/wC1sglTU236/13zrUzyyQSJoXmn1MkS3aPOusqEYSo65tMoB5qOB7h2/lWLSQ7kHAMVtuMEoCGx/2Aa86EvuWYd1iMPelodEQlNIjCbKz9HX7c1b640FAvU8smefwfk52msqmKvHMbjm86WAPpXThhiN/eAuxQ==',
ensure => absent,
user => 'root',
name => 'lundberg+8D03C7D1'
}
ssh_authorized_key {'jonas+6CB01A0F':
ensure => present,
name => 'jonas+6CB01A0F@sunet.se',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDvuL8XCorTZ1VP5cgbcdN5gNumnZ8RkrS8Hs5b0QKLRwwBNFsl98xMKxzQfBYR610vMnW30iDt3dRnqhfp75yakvt5fvrnk11gSwGoEOeBr5T7jgnJQK/kBIikXfpqsvH/40cSkX3Lx86VzDps/8j5sVYmgWiRk7BKG2/aSVY22RdPliITy2N60BUdZE3blz/I2bpJ1gDzAlJJk/xYHluou7mUuEEMT681hhAC+D32ofTAFSUtvP2PfsOTJxfJ2Iy22cRpR5aA5OCImEmBim4T1vAJUn6xSbeGI4RDHURYveLUT46gE5diWDTmdRKp8P7IpEYhJ1QQtdbsjnt9N6xJUI9ZcujD7yH1Drt0mJH23UhmNtliPeC8nO+58iM9MIgvnqw01wmWG5YnOBJVFWPC90LNGwm29Y6kjxDyVmDXglyx5mBymiEt8l2twi8xVbv6rKAUCUxHpcdsThvyZ75YWpAj0Rpvm5+y76xKqqJ8tK8YUUlD/g/L8gGYsg9GcHdxkUHNF+NMkbzbARM11eALYFdRCM7Kzgf49xMtOcs4s1IcM6u1YX51FvdyWlHHmDTGazz6k/AnF4jqdD4+SBdo7BPdh+FTfNbA1AtOyV1YNLCFrhnSBoUgt+IJ4LZFiRuyak1uxM8zdz5iikzEY+ClEe0GolmG7qtY12DVPy+b+w==',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'salu+7B44FE7C':
ensure => present,
name => 'salu+7B44FE7C@sunet.se',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDepp02t6/oNnO/qKJtB+U2yLWUa+dYo4ECsbX/DGOgr1MYzhtIbP18gUAX0PN9Hj40XdmY5EtAJZamMWCLi0EijanhOLDCzw5s0hzi/gYysmEReLRxhqq4ppjZhSj2HF09a6Rq1TTkndG9mYzTYTkdOyOqmdNcmIZRRvJD0BE1UBkERrURGhA+8YPnHoxEVUqdEDMFX7nHmNl4Q5brj7pNXaBv35PsVIlzDSfltgN7yENF6dv8Fu7nxjKZ+r9Anrb5rCEiBnOkNAbwEMfMvjRRehbY9Nvz1CEn0cP8SstbLYQfBQuCeJW3w9PygLN/a0asva0ttmVhprbnSeZtKmm3',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'dennis+3EE4E6C7':
ensure => absent,
name => 'dennis+3EE4E6C7@nordu.net',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQC314jSJ575zgXl2xzwzLRLwoNaP7eXN6NlWOPq47qmoUfR1uZPPbZhvKDmMMc4WQhNPzWDFkX29tcHJar0KXVYM0zNV/hkXlh3Z9suAVFJgzdQ+VW3GsNDffYt4GHM8gUtYxdiQKhA78rIIvcvjy/e0c87lQ0zwDQjruLRw2t1mP1roVsadGnRn4H2rHnlmYqsyJrd2L/MQeKxFh0t3zKu3Hp2mGoSFpFe/5uMaHE//ZOO3tVf3fBWX3p19f6sK6kqYsSR4vMAP08cWf32xFEeNHf4ljbanQ/NIo3iPybpzGXVsPpTHXylLS+vYzDf9mOcxovhsKnJrJ3gdkqEfQyd',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'patrik+soft':
ensure => absent,
name => 'patrik@nordu.net',
key => 'AAAAB3NzaC1yc2EAAAABIwAAAQEAs0nFlZmXga5A789gFwmRVYREPNuaGvZBNAkN+fHpfzNfxSDQNlu1v4OWlU2QAs4XBMVIo5O14EuqqunSgFnX1gh9++AM1cQ8pBUeTi0l99MTl7qxc9MIHCyvHhbzra7o3MHEUuNQzbAjEUsuGV5/ymNJv4ysbncX+BiZplkydq2H/MuDQD8dzghfq6HUgf/BZDVxM3K4Ak8ll65PPPA6xnWJA4a2abgHvoBf40R6xF2dgOK3wq4xQRQSUWdw0olRSyXXZ68mt45m9fvwLnpY3xIFWEWJ6ZbEW+K8BsVT7zqbCBdpnfT8Rc2myz3cjgf7WpTHd8JXEcKk2BaEGD4y+w==',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'john+B3337B77':
ensure => absent,
name => 'john+B3337B77@nordu.net',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQCv+QT4hyxx7m89a+PkdBXAlBuNVoufNoNWpZ6uhDWSKYf7+Ic/M/R1tnsHpSihNAVnaDOLpmC8H1JWaKpuLHrvTolKwFi+imekqzUZ4ajUBuFIbieeHZMTdmv946fpOpB8FpWSFC/TQWyZwq3iVFfm8r/GYGIVSH8MtNBVmfRolH6aZgmZHl67xII59RI20nUm4gzs2yDfReUGRPB/nDWIJ1CuzvzVUFOeJTi3M31TNuxnqUHH0ol0t0bX6MOlDkPGRznOFbr2LhoxvuIIHkjZkZEvAYnQ6fmhExlqge5Trwud/jeZZUhdt7qx+FfgNaTdooUgbCVszgv9CK+rNOOrHD+qIi277j36loPcb0zymb6bnBmZPTo1RJNfaOVC/uuoSTKuFjNQ2UURsu5UepOhSRvLmA1fw+69n6tj0fwd627qxG0jmYmUmzW8U7mSypEXPKLDCbcR+hvWUDaYim1UAKi4ji5AGoOWBSsPuFLtfNYtmpBii+gaglGR6YrDDkQW7Pj/12asga9TrJSqGM1MMTLwuQal1+gtchF+9leKwVf5NOXDMw8SIG0xtqNDfWzk6BMEBcwl7wMObjEwmxxnuHzk8Q7922kvvsgK1VRiO20hmDtOxW2+oBk1yY1F072AjuuXNaZpBxD3c2Iug8GWK8R5pF9fIxAmeeLeFvQCSw==',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'el-sunet':
ensure => absent,
name => 'el@sunet.se',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQC4BWg9cW5fmx8C7K0UN8zzp//NWDcZosrDBl7mEf3MGNBGwrX1orEWFjTWoUZivFoC1TUlEpRP92e3kB3oayMQQz6ZfvYh4ztZBmkDOPIOMykLVsQtvWbWJ1iQuvqCC/s9bVDJmkxkH/Mw/7OyN7Jyb0vPv6JGsSJmbEFkPpzsKUEuXUOFleN7oD59YQVbzDs0ukuAsc3FQ7GSv8q28p/GbFd0ZnfAMjBz2nVJcIkAM9q4OrR90P0gLsW8QqZyVl/uTs5/8iXlkYSe26T4uM697UnD8jFM4yyOTTlS5LHKo8pwNZjqYHdIhkSWscApRqfOVPSm3diQ1nNrm/x2Io4k9GnPmho67YacTA6EisTK4mwnEeCT3tVoHPSfLlGrKOGuug5MnQd5ds+7OlfRPHUua1/sgSiDGjIVQDyktqujrcaI1eK+pT4jmJa0c7HTGSB+dZwmswDsxry3JMdZ75iqYAJGFTIbmWAQAVnRJkzjmge+qIW7joM74I5LBfb20EOVU4rh35bFTsAsK1c/Z08Zut5IgNsg8DyVhVS2PSuvirR4/+OWYZpiO6R4M2nDgtRVPq/nl1iRsZEtiLP9xSyza8TSHm842MfPUbzWPV+JNGjA46QxGprI4OSoqAI//dfBFtpta130U/mvOJsF2xq0NYTyrGqx9qy7iJb8YolFsw==',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'el+424CCD7B':
ensure => absent,
name => 'el+424CCD7B@sunet.se',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDEjaBnFluF+U9fE+6PFGSJbke+wK3HuwvuMKnmDHBv5PmFE5ZH9mEdERsPxTsaK+Y73AMJB3BUtnpZiQ7xDi0u5H4C4Xcv48gO2+Ljph99g05IR+yF6R/qmj6UU6s/Ta41vxNJcKWepN/WXBQI1ufPjUUL5qKwCMOrYvSXgeps5pgSlPb2hCq1kauRcS7yAqnpZE3yx/mFyP4DdZ8EiyXSqUPlVPqxnZhfeXQbZCwPlZG/ivvKS5WLeyQwDWDf/Im/hYKL5YMUSz7960LmzM0Wv+1hOuuDQN5mi8LGwpFeDF+rMC1joc52OpVGE5bLFUeg29K6CQRMeVt+G7VJH5J7EglqK6fDSEK9c+d3Y/OaHxA24j7inycODVCZaaWrBHNLjHjUJ7Ckr6FO2e+Z3PeMo3i2KgU7OnDilNiiEXAL9F2UWo+Q2jxNY8M8etewkkQrNJFbdtpT0C/cg++D4cZqWn0UQJKPRs8eZ7cG4TlpfR+X9Vq+uep3SwEE40eTKXLpQdQy9HsZK3h/pCUwT3TK8/MjyF0awL5JE+SHvFqGFwXgRBMxtkjg8pSU3i/ND7ig5ZC+pirGT90KMEltlcS9aJQ4LL5wWlMDsVlv6vv/tjXTvP0Qg0IrwekKrRKJCzF1Em/c7yg3svwLS229Qa/EAWJVbqSGdO6oBm611u13CQ==',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'jac+3438F957':
ensure => absent,
name => 'jac+3438F957@nordu.net',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQC7cQCp8MJ4VX1UWb6PW4wnkQfbV8g4WB1vLO2MBUycjoXG3t9xXziy+VAxBmsMIFtpysddsU2Sz6d6Y3vlvXr9DHLvZ7Fqn2Cnyn3q+kDG677zPjGFV4DBZVnmH7dHpkTN1mYKfgV2vnKGwRJE651gwqbR0zkbQxRakLM5/Sh0bm9VtQw8iQvLrAOZGbUdSPx2u1p6XZjwkHGxRdEb06bhLDSr1DlXyVk8bfVVj5JXy+/o/6VbYQUlvotxlZnFr0k5Q84t7mkbaoQwE3gZQTBQLmxpguGKnIN9IiC1hmJGOXcMFpFvxsbJd+lg+DkM7Cl7OByPVTe+EflXctVacyg62s2WZbyH7SyUGNR3GUDQRjEXnDF4eKfk3pniMcTIRGt0eIo88hUV2Ep/EW6i06kTiPV5luAht8hVAayTfoNW+MQbKsLuRJEqEjMADZVY0PMYcLv0TWzjh6xkx/Y7Qth/DeBQYk24DqoOkLFB2HOwTN/qy5Xc0GJmu0pwiUXImSJto6Abh8S8nw95+TnFymybLfJCqm4buUGeJsG3Ej9Bo5KajW6/FDcaj4LlJV9Hq6kNdtXCFxe/DV+WpL1JEvuwyXfjBVoX9GpiquKvUiLJOpeT4Gmc7tsoAISrcZ2LOwq2JPSZUtOO5m+dd1OncGg7zMllTsjZnpebhczqODprZQ==',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'jbr+55F5842C@nordu.net':
ensure => absent,
name => 'jbr+55F5842C@nordu.net',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQCb88AZ1OPH62tCbkY0Iqu4kS0iRD/HwiQU+UDoosWPMuaIrULz0FOGidEHdhGhoxiUOCj0Uu8B8PwC2sztprBqpgDm2F8lKRd86Pw1BgblnnFA6m3+N8LbVhm8ux93xLqW04TKrxfCQtVGYKdOvva4+7b1Xf3R7UsnJQJoJwW1TCiZaHSNK1e6t2iofXTInhKzh9OVdmczyczjxsJVg9EnNGSf6/B26vIJPDs0pS7t9gUZ4SN6fLdrCG+tLqx76Obvzi1TZ441ZVnRKEUF/+oWsUv7he6ZGO/b4XGVhfb/c8P9pmioet6rxo3EyEsw2978V85vJmg3DA+gqQQXj3Pa0PXn7lrY62niiIQvSm/4fCCcWPVaeTlAS0wc4r2hsVlgYQJjAXDSab2K5ZHWUux2bMZkdJKXK2wC8Q0hf9OTVCfeMgcF8HRU7PPni1vymuurLgS67Ny1ucrOwbWsWjqrOfnT03huRdOhhdik8cRX5qz6PleBiq5Jly/KcjsyahiNDE2uTLDn7+z59HaHd2qp1NDVWtxTDjP46LqGF4VYnPTOooVv+4EFF9AAjqJRVTr1WdJjWtG3R7aDnWqFKRI912stlOXRvblOvF5iJjQHCecPWcE06ZrkUSa91i2ylf16q82tdEv3Hj3hvh873aAE8YnMHAnkSbnE+7VjF9jsZQ==',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'markus+FA2CC191':
ensure => absent,
name => 'markus+FA2CC191@nordu.net',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDjBx/TbLSK9Ocf8Vefrddy62xH/gwPwT4/23xN8+ZEo7YG+0rKxFVRDFchnS9lMx+1UFubyZEui1CjRMwwFcFN/uOQ94oEPnFjyVZZ4jwXmmQu/xY1oiWg25h1WfwR9xTkOfe2CvPXjmtUwqYy+AO82YpXKpLTi/J7y3CVOxS2kRZzfe99CaB0nSzX7lSYmaq9KoThJ7VAsoyObJ2vcpuliIhNUsYL2RWHYdnSOdJoNftZkegN87so62fY7YcYWJkET9Rvydm9Qn1fDiUvGuMCitvS4OeWgJ97g3yAwdmhXExcQEzePxcx4LgR0DndzU/MqXYw2KqAVeRsjct2HFAqo0uL1jj8mb7tWYVpQTq8KNgUuA4o2wTvmKuNtWzhfb+J6TMCLrCXx9/3nH0NbO3JqUvxQxblnh3cZYIiphdIDxpXUGPXxVOtHjd2M0KaTrrhd+4ntnf0c9A0kcMCvSv/pEjy2saVpuNSjz13iO8Db7IOan4oC9ACheKAoDyBVLpmZFVMc4t2scLPqqeJjzwu/BozxPVQy8nhKdKznGmg3QGnPcrvNfGoO4huBPxlJZsLSmaPenImK4tHYDmFTjjQWSJ+gFkTlkJzDCqsDB/H+SZQEuAH/JIpzULApouVUi42dJq/MUN4SUvfuij7Zsx+jyWqOnxAkx0gpUnu8UsF5Q==',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'htj+key-from-ldap':
ensure => absent,
name => 'htj+key-from-ldap@nordu.net',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDeME6LuIRZzHh8f7wTBE1RRX8fX4DftnZambVOoGOzg5ujtVnmwBZiFFcumqRGs7o/iradUY0IB5K2tbooHJkTYh+B0sIR/5jOPJJZ+bS45bngcGq1vz++z1VSXlTGH13H8OFXHZPnjwvFzO5eauHnen4uKVKrN9A/lNhTfbjpiHRN1yfXuunlvar4Go6OLAm6tgWe93scdXiAdxd3LoZ/I91w7djfAi0SpMiTDbYchrtt9wC3l4U42wehcANU4EhEJfMrwcMcRXRSZ/3IejXp2I1PueQhiHjknAkVX/r4Y23RKT77B1OEbVXg8VizFVnHrhkGWW1JZzQWrvb/MruT',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'pettai+BD795A53':
ensure => absent,
name => 'pettai+BD795A53@nordu.net',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDcvRAnhdoty3OpQnC3zYEUQijkhlg9eiU7y6EVR/rdy+HID4aRZU57EuEB17wmoP6OliXZc02R5oHwoTT42cugUPgwPyxfgofwMRhl9zHUDumvnI9apiW6TMTz8F/zg26eLHhrB9k3tmviPhPV3PQKqEOvfKMwM47aEieGRcUTRLqOAJnrfoE+JRLtql/eaFFYKnVNtMscpNnBcvl77cAG3ciGqe4FLo21Sxo5WieoKElBswZzNKt+vQSZMI8yIA/DU1XGg6Yn5hhbqhgMJLhye3JXM9qSlzXo+T5SrBF8T8uZ3LpkPoA06T7k2DBjaj3iXueJVmoibdRG3t53YfE7',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'mikott+BEBCB9C0':
ensure => absent,
name => 'mikott+BEBCB9C0@nordu.net',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAABAQC36l/Qxb+sByKKZwBOPLiqScqWg6Q9elraB4vj13MjkoGsNoCmzWDEcAE9hUVwnlprYnWNyaJZ3OliEawFJlRDF8MxgVN+jHYUCUhPoHCE4ChS9Y0EayLb+AQ2JbfI1KAADga161P+/P1ofALMnZHW2NpK1p+2eiE891c1sc+NfLCNySX/hcvkkP6zNrCmZxgFcqIBbYNNxDjU33G3StypFe/7YgmVvd/ZfY22fhWb4gm1fX/3HelxCU6FirDJHujhDm79btjR221emlqTMH3WQvgGBKhLGOoQTKTHEadBmPa16nxv01mTtHVH6tnqGrWXhSrn6WEw3qQSzKrBnHIV',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'berra+DA7C099B':
ensure => absent,
name => 'berra+DA7C099B@nordu.net',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDoUEUPOtw5ZUBblnDlf03EfA8xmoOMVnoxV6nrAwPWsNOWCY39+OO5ckfv8B/n/i/JRIvokPp+YrPpOXi8fLkchiu5AFDBwN4cqS8NETLMwJhImfObIM6M1P9a4re4WuAZ4u2BQ2/Nin7WRewJfAfbvbSx6o5zRp95IotiQiXIH8LyYC7whDUjT7OKvESUwLRnK6wQ4kQRgxpgUbAZxAgPZxRzTL0jPKx5dW2pald5WWXcu9ki4uiPg5fDjHVwAJ3MFNzFfDUrJX0bKSln/ocAJFBuAKTCUHEMXo9arD6LBcj7JoXZP6ZiXlcIUG6hd93vAmL+1fxOWu3Adbtz31hxzfmTHGLwF5HyfBIpdygNBZILwICjKimocD0oevrNcJ0KmgBWnw6ZlZJjKIcxN77wEbmskQ19kj+nTHQIgDeocISfio3iJIKdAGsLo+L+d8x4vMoPgIhJUJf8vT2piTa532mumfH2buWt841Yq3fsP98AQJTPDdsXRUGkIVTIIRIqFN1thV9FaMX5wIErq3oEYNJNDhJ6g+5z6N3Zq4AivXzQnmUOeqIttP0jryO85BBGjAz6LIBTCnirKwdsKv7Bq3g3Y5QARUgL42DQ9ddMyMWud5OKrVSwhPf1tqeQEyhgctA0Ve007h9nfovKFhDyUA24HFfDHlIqIWxuOnk1sw==',
type => 'ssh-rsa',
user => 'root'
}
ssh_authorized_key {'bjorn+8E2DA8EB05F646D7':
ensure => present,
name => 'bjorn+8E2DA8EB05F646D7',
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDO1nktCA7fWcbmXAlcSEAeAxqlo2bobQblqqhvbjzmDfZdvhUYRXNjc2R4GjAU60yB/qqODE2km1z2xcIojlT/uHIXPx7jkSXvDZQFVDWplGiWKbOZS/apvva2vHBtfDBPSQnDSxr3sINAqehG58gL1coP95uWXodXSfv+BzGqQfYomlqU9f5qjXT2vFA+0XzoGTT9yG2utD3uhYd1k9EN+ED6NCXyCsUoihtEI8M8fF0Sps/QYpdyR34yP98lL+8DwZCtq0eQRMhF6mTcRcTDFdYdgS8jL+lSbw9DaPrWhGll0ie/Xk/v9RC+d3FGE6av0e8YDboNlduwy2iUbA1w1ll/VUOmXy6gudIZ91Edl+sOOyDVfLY3+Dz+RnmoSuCoWyJ00KovBIfgDOUDKe0QMHyVZ9ccMMihTUMUfJ7kYQ9EuidBLsy9GO+ar7FFPHYyVKiWYoxFBafAtIVDM79v9KvQeF2PAfuhSM3yIXeSb+8cp2ANVLX5dncoMPEgdfFRVie5HMwMct+BFwkyIuQ8++kCInGxbM5X1B3uhYTlkYyT3eAR3jHiwZoiBssCPXtmkXjJ0CFB1BcBlGSZktFoBRstGlEb/nEpTH/71JdA60a1eNwbhslNpAWfi3Jco3QPKBoRdwbeIsmDrK1hpJZG9Ke/jZxr3WSv39tu0l4JAw==',
user => 'root'
}
ssh_authorized_key {'jocar@sunet.se':
ensure => present,
name => 'jocar@sunet.se',
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDNkmMZWjsa2oZfIsK+8wO0w8MgMa1aWUOZXahgj7Jg+CBSxY3eXNa8BRoT9gvHEWSdT9N6AIY0IxCiDs0KZmB4CV/k532cMAs5q22T9U1jLEP8FA6zXVoyEGvhY/v5aRpoCOEwZpHCRp04xEiEtw4ymXA0JnI6/2Yp+m2wdhkyYBjrv/xCeoeIhjtMHaVQlMwl/LLSRaaD3YRc9g8WmnntZpsz2BIDMGLhI8QF/reF+l8BFNAyHQbuFhkfQgmNra3KsAqNIwV2bMZRje+TnTzeERjGxeM/kOhYBEulVdfxUOVFE3pDzTG1U8srVdic49+PlfhoFJRLNo+TATkXbJuHKCJA4kjDv7Fw32Y7d6prEahqH/8VdAsjmv2a66BABj/5Yl/pp6mDCA+Xy667Asgk6qKKH5NAeqHSQx7s6+TgitXUMZn6/Se6+l1Wd43iVK+N58xK2MMA8lANaSYddTJ4k8wFEFdYjjaxGqPOEE2ztKFAZTp5nBi8jRxLZ1mfLXZxru8HPVmCSPxx+/4bZe3zyMPHGqb8fEc/nuNkdnogo4opXX2w64mAiFJZftWQ+k5VigT1l9DUN0I7wO7pRI08So8W8/biUmoao+0DgI3kXW9PClEcz0QcbvOCQeVlNE2UowCmiKZ/Otgm3VTGy9ykI7iYbw+5UZs4Z0Ap++dHAQ==',
user => 'root'
}
ssh_authorized_key {'kjellman-000607431461':
ensure => present,
name => 'kjellman-000607431461',
type => 'ssh-rsa',
key => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQCij0ZrT2c9H+IkU60B2CqNgaw8mIAggwy6v48pvDfVEZZapRshBlHBNNcFmGDyBifMFiqPAL6+Z/rCCT2Ni9xT1r3gPUe8jPDf0od0xqc+NLY5sUQ7ikj1tL+t7umnIYhcA6B0F8UM2m0MAaFospv1ayhui+HXD7TQJqqp6NotuNibbkLvE85L223vGqp1trwnPKRdbwgbRy4Ak2anDtt+pag3BDP+fnblnGIEKVWcuD6AHcOIXqB4z4wVaLxlq4Mg2JIAdBmAATtxQh7bHZZ9rL4MBJ73S4tlfNsUvTU2XuQQCrKMN9Pyth48bwkqamcryCuvM0pfkoEfVrSjh1zrk4kIeG9lyMEt2gr5UmOT90atlHxXYZGcrHh9RwYgJKikHVvueG9eDQMj4tk0ntpqouj1lT0J8EZkH4pGjh6ik7GygrS9zxEr1j9aynBE06/o6tfpNbi+avXd4MwYsHBTxhwgjO4WRp1Ij6ybHpQSQt1DGB6jG5G6MdvrsaTChJy35kRvUG3L5cNbk7QjazELCks2XI6/9+5r84zJlpiS8hFAT35Jn5aa/83jbz+tarOiyuezGj/UK8U244Hx97cCDvfTzeBdOK0didN4xFvCfXUkNIaUKpmPJVgjdzKYzTM33W3wDEZIpaMW64Unz507IQOlOk8Y8Hz4zdzySfyikQ==',
user => 'root'
}
# OS hardening
if $::hostname =~ /kvm/ {
class {'bastion':
fstab_fix_shm => false,
sysctl_net_hardening => false,
}
} elsif $::hostname =~ /random/ { # pollen requires exec on /tmp
class {'bastion':
fixperms_enable => false,
fixperms_paranoia => false,
}
} else {
class {'bastion':
fstab_fix_shm => false,
fixperms_paranoia => true,
}
}
}
class sunetops_new {
sunet::ssh_keys { 'sunetops':
config => safe_hiera('sunetops_ssh_keys', {})
}
@ -1058,7 +801,7 @@ class sunetops_new {
}
}
class konsulter_new {
class konsulter {
sunet::ssh_keys { 'konsulter':
config => safe_hiera('konsulter_ssh_keys', {})
}