Saltstack Official OpenSSH Formula

auth.sls 1.6KB

{#-
  print_name(identifier, key): emit the state ID for one key entry.
  Renders key['name'] when the entry has a 'name' field, otherwise the
  identifier the entry is listed under. The caller appends ':' so the
  result is used as a YAML mapping key.
  NOTE(review): the value is emitted as a plain, unquoted YAML scalar, so a
  name containing ': ' or ' #' would not parse as written. Confirm which
  pillar values are expected here.
-#}
{%- macro print_name(identifier, key) -%}
{%- if 'name' in key %}
{{ key['name'] }}
{%- else %}
{{ identifier }}
{%- endif %}
{%- endmacro -%}
  8. {%- macro print_ssh_auth(identifier, key) -%}
  9. {%- if 'user' in key %}
  10. - user: {{ key['user'] }}
  11. {%- else %}
  12. - user: {{ identifier }}
  13. {%- endif %}
  14. {%- if 'source' in key %}
  15. - source: {{ key['source'] }}
  16. {%- else %}
  17. {%- if 'enc' in key %}
  18. - enc: {{ key['enc'] }}
  19. {%- endif -%}
  20. {%- if 'comment' in key %}
  21. - comment: {{ key['comment'] }}
  22. {%- endif -%}
  23. {%- if 'options' in key %}
  24. - options: {{ key['options'] }}
  25. {%- endif -%}
  26. {%- endif %}
  27. {%- endmacro -%}
{#-
  Manage authorized_keys entries from the 'auth' mapping under
  mapdata.openssh. auth maps an identifier to a list of key entries, and
  each entry becomes one ssh_auth state. Only an entry with a truthy
  'present' field is installed. An entry whose 'present' is missing or false
  renders ssh_auth.absent, so dropping the flag from an entry removes that
  key. The present state requires the service state named by openssh.service.
-#}
include:
  - openssh

{%- from "openssh/map.jinja" import mapdata with context -%}
{%- set openssh = mapdata.openssh %}
{%- set sshd_config = mapdata.sshd_config %}
{#- a missing 'auth' entry yields an empty mapping, so no states are rendered -#}
{%- set auth = openssh.get('auth', {}) -%}
{%- for identifier,keys in auth.items() -%}
  {%- for key in keys -%}
    {#- anything other than an explicit truthy 'present' takes the absent branch -#}
    {% if 'present' in key and key['present'] %}
{{ print_name(identifier, key) }}:
  ssh_auth.present:
    {{ print_ssh_auth(identifier, key) }}
    {#-
      NOTE(review): the sshd_config AuthorizedKeysFile value is passed through
      as one path. sshd accepts several whitespace-separated paths in that
      directive; if the pillar sets more than one, this state would manage a
      file sshd does not read. Confirm the value is a single path. The value
      is also wrapped in single quotes without escaping.
    -#}
    {%- if sshd_config.get("AuthorizedKeysFile", None) %}
    - config: '{{ sshd_config['AuthorizedKeysFile'] }}'
    {% endif %}
    - require:
      - service: {{ openssh.service }}
    {%- else %}
{{ print_name(identifier, key) }}:
  ssh_auth.absent:
    {{ print_ssh_auth(identifier, key) }}
    {#-
      NOTE(review): same pass-through of AuthorizedKeysFile as the present
      branch. For a removal, a multi-path value would target a file sshd does
      not read and the key would stay authorized. Confirm a single path.
    -#}
    {%- if sshd_config.get("AuthorizedKeysFile", None) %}
    - config: '{{ sshd_config['AuthorizedKeysFile'] }}'
    {% endif -%}
    {%- endif -%}
  {%- endfor -%}
{%- endfor -%}