From 54214f83b5da2920a05b65535116c01cab7cb617 Mon Sep 17 00:00:00 2001
From: Jeff Gonzalez
Date: Mon, 22 Dec 2014 18:22:31 -0600
Subject: [PATCH 1/3] Added ability to use url as key source
---
 system/authorized_key.py | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/system/authorized_key.py b/system/authorized_key.py
index d5792200b8d..898f74b575b 100644
--- a/system/authorized_key.py
+++ b/system/authorized_key.py
@@ -118,6 +118,7 @@ import os.path
 import tempfile
 import re
 import shlex
+import urllib2
 class keydict(dict):
@@ -333,6 +334,14 @@ def enforce_state(module, params):
 state = params.get("state", "present")
 key_options = params.get("key_options", None)
+ if key.startswith("http"):
+ try:
+ gh_key = urllib2.urlopen(key).read()
+ except urllib2.URLError, e:
+ module.fail_json(msg="no key found at: %s" % key)
+
+ key = gh_key
+
 # extract individual keys into an array, skipping blank lines and comments
 key = [s for s in key.splitlines() if s and not s.startswith('#')]
From e9ae16579246b813e46698ad74c8761b37989693 Mon Sep 17 00:00:00 2001
From: Jeff Gonzalez
Date: Tue, 27 Jan 2015 15:06:55 -0600
Subject: [PATCH 2/3] Added documentation for using url as key source
---
 system/authorized_key.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/system/authorized_key.py b/system/authorized_key.py
index 898f74b575b..c5d19521813 100644
--- a/system/authorized_key.py
+++ b/system/authorized_key.py
@@ -37,7 +37,7 @@ options:
 aliases: []
 key:
 description:
- - The SSH public key, as a string
+ - The SSH public key(s), as a string or url (https://github.com/username.keys)
 required: true
 default: null
 path:
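Review bot: The URL test in the `enforce_state` hunk of PATCH 1/3 (`@@ -333,6 +334,14 @@`), `key.startswith("http")`, also matches plain `http://` and any key string that merely begins with "http", so key material destined for authorized_keys can be fetched over a channel with no integrity protection. Restrict it to the scheme the documentation example uses, `if key.startswith("https://"):`, or parse the scheme and reject everything else with `module.fail_json`. The same test is kept unchanged by the `@@ -337,19 +336,22 @@` hunk of PATCH 3/3. `enforce_state` starts and ends outside the hunk, so how the fetched text is validated afterwards is not visible here.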
@@ -79,6 +79,9 @@ EXAMPLES = '''
 # Example using key data from a local file on the management machine
 - authorized_key: user=charlie key="{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
+# Using github url as key source
+- authorized_key: user=charlie key=https://github.com/charlie.keys
+
 # Using alternate directory locations:
 - authorized_key: user=charlie key="{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
@@ -97,6 +100,7 @@ EXAMPLES = '''
 - authorized_key: user=charlie key="{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}" key_options='no-port-forwarding,host="10.0.1.1"'
+
 '''
 # Makes sure the public key line is present or absent in the user's .ssh/authorized_keys.
From 27c046ae792be84398647e49751dce00b7981293 Mon Sep 17 00:00:00 2001
From: Jeff Gonzalez
Date: Tue, 3 Feb 2015 19:08:23 -0600
Subject: [PATCH 3/3] Refactored code to use module utility fetch_url function.
---
 system/authorized_key.py | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/system/authorized_key.py b/system/authorized_key.py
index c5d19521813..e1ac18a701d 100644
--- a/system/authorized_key.py
+++ b/system/authorized_key.py
@@ -122,7 +122,6 @@ import os.path
 import tempfile
 import re
 import shlex
-import urllib2
 class keydict(dict):
@@ -337,19 +336,22 @@ def enforce_state(module, params):
 manage_dir = params.get("manage_dir", True)
 state = params.get("state", "present")
 key_options = params.get("key_options", None)
+ error_msg = "Error getting key from: %s"
+ # if the key is a url, request it and use it as key source
 if key.startswith("http"):
- try:
- gh_key = urllib2.urlopen(key).read()
- except urllib2.URLError, e:
- module.fail_json(msg="no key found at: %s" % key)
-
- key = gh_key
+ try:
+ resp, info = fetch_url(module, key)
+ if info['status'] != 200:
+ module.fail_json(msg=error_msg % key)
+ else:
+ key = resp.read()
+ except Exception:
+ module.fail_json(msg=error_msg % key)
 # extract individual keys into an array, skipping blank lines and comments
 key = [s for s in key.splitlines() if s and not s.startswith('#')]
-
 # check current state -- just get the filename, don't create file
 do_write = False
 params["keyfile"] = keyfile(module, user, do_write, path, manage_dir)
@@ -431,4 +433,5 @@ def main():
 # import module snippets
 from ansible.module_utils.basic import *
+from ansible.module_utils.urls import *
 main()
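Review bot: Every failure path in the `@@ -337,19 +336,22 @@` hunk of PATCH 3/3 reports only `"Error getting key from: %s"`, and `except Exception:` drops whatever was raised, so a certificate-validation failure, a timeout and a 404 are indistinguishable in the task output. Include the status and reason in the message, e.g. `module.fail_json(msg=(error_msg % key) + " (%s: %s)" % (info['status'], info.get('msg')))`, assuming `info` carries a `msg` entry as `fetch_url` normally provides (confirm against `ansible.module_utils.urls`). The try block could then shrink to the `fetch_url` call alone. Since the remote document decides which keys are installed on every run, a comment above the `if` such as `# whoever controls this URL controls login access for the user` would help the next reader; `enforce_state` continues outside the hunk.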