This adds the ability to manage the ~/.ssh/config file for users.tags/v0.45.0
# than inline in pillar, this works. | # than inline in pillar, this works. | ||||
ssh_auth_sources: | ssh_auth_sources: | ||||
- salt://keys/buser.id_rsa.pub | - salt://keys/buser.id_rsa.pub | ||||
# Manage the ~/.ssh/config file | |||||
ssh_config: | |||||
all: | |||||
hostname: "*" | |||||
options: | |||||
- "StrictHostKeyChecking no" | |||||
- "UserKnownHostsFile=/dev/null" | |||||
importanthost: | |||||
hostname: "needcheck.example.com" | |||||
options: | |||||
- "StrictHostKeyChecking yes" | |||||
google_auth: | google_auth: | ||||
ssh: | | ssh: | |
{% endfor %} | {% endfor %} | ||||
{% endif %} | {% endif %} | ||||
{% if 'ssh_config' in user %} | |||||
users_ssh_config_{{ name }}: | |||||
file.managed: | |||||
- name: {{ home }}/.ssh/config | |||||
- user: {{ name }} | |||||
- group: {{ user_group }} | |||||
- mode: 640 | |||||
- contents: | | |||||
# Managed by Saltstack | |||||
{% for label, setting in user.ssh_config.items() %} | |||||
# {{ label }} | |||||
Host {{ setting.get('hostname') }} | |||||
{%- for opts in setting.get('options') %} | |||||
{{ opts }} | |||||
{%- endfor %} | |||||
{% endfor -%} | |||||
{% endif %} | |||||
{% if 'sudouser' in user and user['sudouser'] %} | {% if 'sudouser' in user and user['sudouser'] %} | ||||
users_sudoer-{{ name }}: | users_sudoer-{{ name }}: |