I am using the file resource and specifying the file contents to the content attribute. However, the content is huge and I cannot declare the content directly within the file attribute.

    file "/var/django/.ssh/id_rsa" do
      content "huge content"
      owner "django"
      group "django"
      mode 00600
    end

Please suggest if there is a better way to declare the content (when content is huge).

Although you mentioned you don't want a separate file, the correct way to create a private SSH key would be to use encrypted data bags. The easiest way to manage encrypted data bags is through chef vault. You can read more about how to get set up with Chef vault here: http://jtimberman.housepub.org/blog/2013/09/10/managing-secrets-with-chef-vault/.
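
    # The chef-vault gem must be available to the Chef run before the item can be loaded.
    chef_gem "chef-vault"
    require "chef-vault"

    # Decrypt the vault item "vaultuser-ssh-private" from the "secrets" data bag.
    vault_ssh = ChefVault::Item.load("secrets", "vaultuser-ssh-private")

    # ~/.ssh must be accessible only to its owner.
    directory "/home/vaultuser/.ssh" do
      owner "vaultuser"
      group "vaultuser"
      mode 0700
    end

    # Write the decrypted private key, readable and writable by the owner only.
    file "/home/vaultuser/.ssh/id_rsa" do
      content vault_ssh["vaultuser-ssh-private"]
      owner "vaultuser"
      group "vaultuser"
      mode 0600
    end
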
If you wanted to skip the data bag you could just set the value of the vault_ssh["vaultuser-ssh-private"] attribute to the key, or have it set to a node attribute in your role/cookbook.
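
As an added example (not part of the answer above and not Chef's own code): a plain-Ruby check that the `.ssh` directory and any private key inside it carry no group/other permission bits, which is what the 0700 and 0600 modes in the recipe are meant to guarantee. The names `audit_ssh_dir` and `demo` and the sample key file are constructed for illustration.

```ruby
require "tmpdir"

# PEM/OpenSSH private key files start with a header such as
# "-----BEGIN RSA PRIVATE KEY-----" or "-----BEGIN OPENSSH PRIVATE KEY-----".
PRIVATE_KEY_HEADER = /\A-----BEGIN (?:[A-Z0-9]+ )?PRIVATE KEY-----/

# Returns a list of findings for an .ssh directory. The directory and every
# file that holds a private key must have no group/other permission bits set.
def audit_ssh_dir(dir)
  findings = []
  dir_mode = File.stat(dir).mode & 0o7777
  if dir_mode & 0o077 != 0
    findings << format("%s: directory mode %04o, expected 0700", dir, dir_mode)
  end

  Dir.children(dir).sort.each do |name|
    path = File.join(dir, name)
    stat = File.lstat(path)
    next unless stat.file? # skip symlinks, sockets and subdirectories
    head = File.open(path, "rb") { |f| f.read(64) } || ""
    next unless head.match?(PRIVATE_KEY_HEADER)
    mode = stat.mode & 0o7777
    if mode & 0o077 != 0
      findings << format("%s: private key mode %04o, expected 0600", path, mode)
    end
  end
  findings
end

# Constructed sample: a temporary .ssh directory with a placeholder key file,
# audited once with a loose mode and once with the mode the recipe sets.
def demo
  Dir.mktmpdir do |root|
    ssh = File.join(root, ".ssh")
    Dir.mkdir(ssh)
    File.chmod(0o700, ssh)
    key = File.join(ssh, "id_rsa")
    File.write(key, "-----BEGIN RSA PRIVATE KEY-----\n(constructed placeholder, not a key)\n")
    File.chmod(0o644, key)
    loose = audit_ssh_dir(ssh)
    File.chmod(0o600, key)
    [loose, audit_ssh_dir(ssh)]
  end
end

loose, fixed = demo
puts "loose: #{loose.inspect}", "fixed: #{fixed.inspect}"
```
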