ExternalMirrors
/
users-formula
mirror of https://github.com/saltstack-formulas/users-formula
Watch 1
Star 0
Fork 1
Code Issues 0 Releases 13 Wiki Activity
Browse Source

Merge pull request #123 from myii/PR_multi-line-authorized_keys 

Use `contents_pillar` to work with multi-line authorized_keys file
tags/v0.45.0
Forrest 8 years ago
parent
21fc8df0b6 b94514529d
commit
7bd4e9080b
2 changed files with 13 additions and 6 deletions
Unified View Show Diff Stats
  1. +3
    -0
      pillar.example
  2. +10
    -6
      users/init.sls

+ 3
- 0
pillar.example View File

# WARNING: If 'empty_password' is set to True, the 'password' statement # WARNING: If 'empty_password' is set to True, the 'password' statement
# will be ignored by enabling password-less login for the user. # will be ignored by enabling password-less login for the user.
empty_password: False empty_password: False
system: False
home: /custom/buser home: /custom/buser
user_dir_mode: 750
createhome: True createhome: True
roomnumber: "A-1" roomnumber: "A-1"
workphone: "(555) 555-5555" workphone: "(555) 555-5555"
sudo_defaults: sudo_defaults:
- '!requiretty' - '!requiretty'
shell: /bin/bash shell: /bin/bash
remove_groups: False
prime_group: prime_group:
name: primarygroup name: primarygroup
gid: 500 gid: 500

+ 10
- 6
users/init.sls View File

{{ auth }} {{ auth }}
{% endfor -%} {% endfor -%}
{% else %} {% else %}
- contents: |
{%- for key_name, pillar_name in user['ssh_auth_pillar'].iteritems() %}
{{ salt['pillar.get'](pillar_name + ':' + key_name + ':pubkey', '') }}
{%- for key_name, pillar_name in user['ssh_auth_pillar'].items() %}
- contents_pillar: {{ pillar_name }}:{{ key_name }}:pubkey
{%- endfor %} {%- endfor %}
{% endif %} {% endif %}
{% endif %} {% endif %}
{%- endfor %} {%- endfor %}
{%- endif %} {%- endif %}
{%- if 'sudo_rules' in user %} {%- if 'sudo_rules' in user %}
########################################################################
# File managed by Salt (users-formula).
# Your changes will be overwritten.
########################################################################
#
{%- for rule in user['sudo_rules'] %} {%- for rule in user['sudo_rules'] %}
{{ name }} {{ rule }} {{ name }} {{ rule }}
{%- endfor %} {%- endfor %}
- require: - require:
- file: users_sudoer-defaults - file: users_sudoer-defaults
- file: users_sudoer-{{ name }} - file: users_sudoer-{{ name }}
cmd.wait:
cmd.wait:
- name: visudo -cf {{ users.sudoers_dir }}/{{ name }} || ( rm -rvf {{ users.sudoers_dir }}/{{ name }}; exit 1 ) - name: visudo -cf {{ users.sudoers_dir }}/{{ name }} || ( rm -rvf {{ users.sudoers_dir }}/{{ name }}; exit 1 )
- watch:
- file: {{ users.sudoers_dir }}/{{ name }}
- watch:
- file: {{ users.sudoers_dir }}/{{ name }}
{% endif %} {% endif %}
{% else %} {% else %}
users_{{ users.sudoers_dir }}/{{ name }}: users_{{ users.sudoers_dir }}/{{ name }}:

Write Preview
Loading…
Cancel
Save