User story #8352
open
Create a per-node private-folder for file distribution to each node
Description
Consider the following use case:
You want to distribute the private SSH host keys for each node. If you have a large enough environment that is changing at a very high rate (daily installs/decoms), maintaining a per-node file-edit policy is not very likely.
What you actually want to have is one policy, that takes one file from a node-only folder, that is populated on the root server and then distributed towards the node (over the relays), so that only the node has access to it (not like the general shared-folder, which can be fetched basically by every node).
My idea would be that there could be a /var/rudder/configuration-repository/private-files/<UUID> folder, where each node can have its private folder, and that would also be replicated to a well defined target folder on the referenced node, so you could write techniques that use that folder.
Example:
On the RootServer:
# cp \
    ~/nodes_ssh_key.pem \
    /var/rudder/configuration-repository/private-files/89e67574-fe20-4325-83a2-1530b20c8aab/ssh_host_ecdsa_key
On the Node '89e67574-fe20-4325-83a2-1530b20c8aab':
technique copies /var/rudder/private-files/ssh_host_ecdsa_key => /etc/ssh/ssh_host_ecdsa_key
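As an added example (not part of the original issue and not Rudder code), the root-server step above could be scripted so that the key is staged with owner-only permissions and a malformed node ID can never write into another node's folder. The `private-files/<UUID>` layout is the one proposed in this story, not an existing feature; the function names and the lowercase-UUID assumption are hypothetical.

```shell
#!/bin/sh
# Added example: stage one file into the per-node private folder proposed above.
# PRIVATE_ROOT defaults to the path from the proposal (hypothetical feature).
PRIVATE_ROOT="${PRIVATE_ROOT:-/var/rudder/configuration-repository/private-files}"

# is_node_uuid ID: succeed only for a lowercase 8-4-4-4-12 hex UUID, so a value
# such as "../<other-uuid>" can never select a different node's folder.
is_node_uuid() {
    [ "${#1}" -eq 36 ] || return 1
    printf '%s\n' "$1" |
        grep -Eq '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$'
}

# stage_private_file UUID SRC NAME: install SRC as $PRIVATE_ROOT/UUID/NAME.
# Returns 2 on invalid arguments, 1 on I/O failure, 0 on success.
stage_private_file() {
    uuid=$1 src=$2 name=$3
    is_node_uuid "$uuid" || { echo "invalid node UUID: $uuid" >&2; return 2; }
    case $name in
        ''|.|..|*/*) echo "invalid file name: $name" >&2; return 2 ;;
    esac
    [ -f "$src" ] || { echo "no such file: $src" >&2; return 1; }
    dir=$PRIVATE_ROOT/$uuid
    (
        umask 077    # nothing created here is ever group- or world-readable
        mkdir -p "$dir" && chmod 700 "$dir" || exit 1
        tmp=$(mktemp "$dir/.staging.XXXXXX") || exit 1
        # Copy to a temp file and rename, so a sync never picks up a partial key.
        cp "$src" "$tmp" && chmod 600 "$tmp" && mv -f "$tmp" "$dir/$name" ||
            { rm -f "$tmp"; exit 1; }
    )
}

# Usage, matching the example in the story:
#   stage_private_file 89e67574-fe20-4325-83a2-1530b20c8aab \
#       ~/nodes_ssh_key.pem ssh_host_ecdsa_key
```

This covers only the staging step on the root server; restricting each folder so that only its own node can fetch it through the relays is the part this story asks Rudder to provide.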