1

How do I adjust the "User" line in a ~/.ssh/config file using ERB template files in Puppet so that it contains the correct username that matches the account name?

class accounts_global::tharold { account { 'tharold': ensure => present, } file { "/home/tharold/.ssh/config" : require => Account['tharold'], owner => 'tharold', group => 'tharold', mode => '0600', content => template('accounts_global/user_ssh_config.erb'), } }

Content of the user_ssh_config.erb file looks like:

Host ssh.example.com Port 22 User tharold IdentityFile ~/.ssh/ssh-key

The question is, what should the <%= something =%> look like to replace "User tharold" in the template file with the account name of the user? This ERB config file is going to be used for multiple users, so I need to parameterize that part of the file.

Trying to use <%= @name %> ends up putting "accounts_global::tharold" in the file.

Improve this question

2 Answers 2

Reset to default
5

You need to change your class to a define, as per the below to make it re-usable for other users:

define accounts_global::account () { account { $name: ensure => present, } file { "/home/${name}/.ssh/config" : require => Account[$name], owner => $name, group => $name, mode => '0600', content => template('accounts_global/user_ssh_config.erb'), } }

Use this for your ~/.ssh/config ERB template:

Host ssh.example.com Port 22 User <%= @name %> IdentityFile ~/.ssh/ssh-key

Then add this to your Puppet manifest:

accounts_global::account { 'tharold': }

Incidentally, you shouldn't need to pass the User parameter in your SSH configuration unless the remote username is different - by default, SSH tries to connect using the current username.

Improve this answer
0 
class accounts_global::tharold { account { 'tharold': ensure => present, } $ssh_user = 'tharold' file { "/home/tharold/.ssh/config" : require => Account['tharold'], owner => 'tharold', group => 'tharold', mode => '0600', content => template('accounts_global/user_ssh_config.erb'), } }

Then your template looks like

Host ssh.example.com Port 22 User <%= ssh_user %> IdentityFile ~/.ssh/ssh-key
Improve this answer
1
  • You should strictly-speaking use scope.lookupvar to get scoped variables within ERB templates - technically the $ssh_user variable here is $accounts_global::tharold::ssh_user. Templates used within define resources don't need this as they automatically use top-scope for local variables. Commented Sep 16, 2014 at 15:14

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.