Support "salt://path_to_keyname" ssh_key definition in users:"user name":ssh_keys:"privkey|pubkey" pillar datatags/v0.45.0
ssh_keys: | ssh_keys: | ||||
privkey: PRIVATEKEY | privkey: PRIVATEKEY | ||||
pubkey: PUBLICKEY | pubkey: PUBLICKEY | ||||
# or you can provide path to key on Salt fileserver | |||||
privkey: salt://path_to_PRIVATEKEY | |||||
pubkey: salt://path_to_PUBLICKEY | |||||
# you can provide multiple keys, the keyname is taken as filename | # you can provide multiple keys, the keyname is taken as filename | ||||
# make sure your public keys suffix is .pub | # make sure your public keys suffix is .pub | ||||
foobar: PRIVATEKEY | foobar: PRIVATEKEY |
- mode: 600 | - mode: 600 | ||||
{% endif %} | {% endif %} | ||||
- show_diff: False | - show_diff: False | ||||
{%- set key_value = salt['pillar.get']('users:'+name+':ssh_keys:'+_key) %} | |||||
{%- if 'salt://' in key_value[:7] %} | |||||
- source: {{ key_value }} | |||||
{%- else %} | |||||
- contents_pillar: users:{{ name }}:ssh_keys:{{ _key }} | - contents_pillar: users:{{ name }}:ssh_keys:{{ _key }} | ||||
{%- endif %} | |||||
- require: | - require: | ||||
- user: users_{{ name }}_user | - user: users_{{ name }}_user | ||||
{% for group in user.get('groups', []) %} | {% for group in user.get('groups', []) %} |