On Wed, Jul 25, 2012, Andy Doan wrote:
So we start with a new system, letscall it "bounce".
- Runs SSHD
- Runs apache with mulitiple vhosts set up for reverse proxy.
Yup, this is pretty much what I run at home as a frontend; simple and effective
As Michael noted yesterday, it would be nice to grant access to the lab using some type sync with SSH keys of users from a launchpad group. I'm guessing that code has already been written somewhere else before.
I looked at ssh-import-id, but it didn't have a team feature and didn't particularly impress me, so instead I hacked a custom script for the ~linaro-flexlm use case: http://bazaar.launchpad.net/~linaro-sysadmins/linaro-its-tools/trunk/view/he...
It's custom because it hardcodes ~linaro-flexlm and it also checks that people there are members of ~linaro (harcoded as well). Not hard to make more generic.
It's wrapped by a lock in this script: http://bazaar.launchpad.net/~linaro-sysadmins/linaro-its-tools/trunk/view/he...
and the crontab entry looks like this: @hourly cd linaro-its-tools && bzr pull >/dev/null 2>&1 && ./update-ssh-keys ./flexlm-sshkeys