mbiryukova/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

Add SSHPOP default provisioner if SSH enabled during init

Browse source
This commit is contained in:
max furman 2020-07-31 10:32:08 -07:00
parent 3f844c5e23
commit 3fb116f1b4
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
pki/pki.go
View file

@ -446,9 +446,19 @@ func (p *PKI) GenerateConfig(opt ...Option) (*authority.Config, error) {
HostKey: p.sshHostKey, HostKey: p.sshHostKey,
UserKey: p.sshUserKey, UserKey: p.sshUserKey,
} }
// Enable SSH authorization for default JWK provisioner
prov.Claims = &provisioner.Claims{ prov.Claims = &provisioner.Claims{
EnableSSHCA: &enableSSHCA, EnableSSHCA: &enableSSHCA,
} }
// Add default SSHPOP provisioner
sshpop := &provisioner.SSHPOP{
Type: "SSHPOP",
Name: "sshpop",
Claims: &provisioner.Claims{
EnableSSHCA: &enableSSHCA,
},
}
config.AuthorityConfig.Provisioners = append(config.AuthorityConfig.Provisioners, sshpop)
} }
// Apply configuration modifiers // Apply configuration modifiers