Saltstack Official OpenSSH Formula


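  {#-
    Manage per-user SSH authorized_keys entries from mapdata.openssh.auth_map.

    Data shape read below:
      auth_map:
        <store>:
          source: <base location of the public keys>
          users:
            <user>:
              <key>:              (key file is <source>/<key>.pub)
                present: True     (default; False emits ssh_auth.absent)
                options: []       (optional list of authorized_keys options)

    Review notes:
      - Only keys listed in the data get a state. Deleting an entry emits
        nothing for it, so a key that was already deployed stays in place;
        revoke a key by setting `present: False`.
      - The file behind `source` decides which public key is accepted for
        login as <user>, so it should live somewhere only administrators
        can write to.
  -#}
include:
  - openssh

{% from "openssh/map.jinja" import mapdata with context -%}
{%- set openssh = mapdata.openssh %}
{%- set sshd_config = mapdata.sshd_config %}
{#- NOTE(review): sshd accepts several whitespace-separated paths in
    AuthorizedKeysFile; the value is passed through unchanged as a single
    `config` path below. Confirm the data only ever holds one path. #}
{%- set authorized_keys_file = sshd_config.get("AuthorizedKeysFile", None) %}

{%- for store, config in openssh.get("auth_map", {}).items() %}
{%-   set store_base = config["source"] %}
# SSH store openssh:auth_map:{{ store }}
{%-   for user, keys in config.get("users", {}).items() %}
{%-     for key, key_cfg in keys.items() %}
"ssh_auth--{{ store }}--{{ user }}--{{ key }}":
{%-       set present = key_cfg.get("present", True) %}
{%-       set options = key_cfg.get("options", []) %}
{%-       if present %}
  ssh_auth.present:
    - require:
      - service: {{ openssh.service }}
{%-       else %}
{#-       Removal carries no requisite on the sshd service state. #}
  ssh_auth.absent:
{%-       endif %}
    - user: {{ user }}
    - source: {{ store_base }}/{{ key }}.pub
{%-       if authorized_keys_file %}
    - config: "{{ authorized_keys_file }}"
{%-       endif %}
{%-       if options %}
{#-       Emit the options as a JSON flow sequence so the state receives a
          real list. Wrapping the rendered list in double quotes would pass
          its repr as one string, and an option that itself contains a
          double quote (for example a from= or command= restriction) would
          break the YAML. Key restrictions must reach authorized_keys intact. #}
    - options: {{ options | json }}
{%-       endif %}
{%-     endfor %}
{%-   endfor %}
{%- endfor %}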