commit 03352fa0c2c8ede2cf17d2f831e5289d54876a19
author Simon Pasquier <spasquier@mirantis.com> Thu Jan 12 17:32:16 2017 +0100
committer Simon Pasquier <spasquier@mirantis.com> Fri Jan 20 16:11:58 2017 +0100
tree c65decda7727cc4c4d4ff60a1e97efbe15191855
parent b88a9c021be208e0fff057848e0ec6765c1734ed

Move authorized key for root to an optional class

This avoids hardcoding the root public key into the openssh.server
class.

openssh/server/team/lab.yml

diff --git a/openssh/server/team/lab.yml b/openssh/server/team/lab.yml
new file mode 100644
index 0000000..7ede7c0
--- /dev/null
+++ b/openssh/server/team/lab.yml
@@ -0,0 +1,25 @@
+parameters:
+  _param:
+    # This is the public key associated to the default private key setup in
+    # openssh.client.lab
+    cluster_public_key: >-
+      ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEvr+tWAJ62wROllpSZeaSPxxnVY3R65sfUW8wM6L8tr1knJOTQLoBikmcjISb3ekyPlwubTypGoxb7al06FiNwfr3KDkytflKRGTyMKYgchighuFCfBuePd13cjf1l19TYU7u7a+VuCVWi7pmhDGUkMi24s23OroQb7D14XX17v46wLrqJQi2nrXzN/DWXcn/ycq8IZ7ZFgN/uYlbpfAKX8PCvImbDDO8+BgndAy4MPz8cWOWsnfGMVNePhvhazVcijLvx8Vu2Iuvg7CoJiSGjTe7YTms44/WpnFkHreyK8cwsw4wzls4BApu6UU2jIAsAMZh9zux/Rtni71dcNfF
+  linux:
+    system:
+      user:
+        root:
+          enabled: true
+          name: root
+          home: /root
+  openssh:
+    server:
+      permit_root_login: true
+      user:
+        root:
+          enabled: true
+          user: ${linux:system:user:root}
+          public_keys:
+          - ${public_keys:root}
+  public_keys:
+    root:
+      key: ${_param:cluster_public_key}