Saltstack Official OpenSSH Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

auth.sls 1.7KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455
  1. {%- macro print_name(identifier, key) -%}
  2. {%- if 'name' in key %}
  3. {{ key['name'] }}
  4. {%- else %}
  5. {{ identifier }}
  6. {%- endif %}
  7. {%- endmacro -%}
  8. {%- macro print_ssh_auth(identifier, key) -%}
  9. {%- if 'user' in key %}
  10. - user: {{ key['user'] }}
  11. {%- else %}
  12. - user: {{ identifier }}
  13. {%- endif %}
  14. {%- if 'present' in key and key['present'] and 'source' in key %}
  15. - source: {{ key['source'] }}
  16. {%- else %}
  17. {%- if 'enc' in key %}
  18. - enc: {{ key['enc'] }}
  19. {%- endif -%}
  20. {%- if 'comment' in key %}
  21. - comment: {{ key['comment'] }}
  22. {%- endif -%}
  23. {%- if 'options' in key %}
  24. - options: {{ key['options'] }}
  25. {%- endif -%}
  26. {%- endif %}
  27. {%- endmacro -%}
  28. include:
  29. - openssh
  30. {%- from "openssh/map.jinja" import openssh with context -%}
  31. {%- set openssh_pillar = pillar.get('openssh', {}) -%}
  32. {%- set auth = openssh_pillar.get('auth', {}) -%}
  33. {%- for identifier,keys in auth.items() -%}
  34. {%- for key in keys -%}
  35. {% if 'present' in key and key['present'] %}
  36. {{ print_name(identifier, key) }}:
  37. ssh_auth.present:
  38. {{ print_ssh_auth(identifier, key) }}
  39. {%- if 'sshd_config' in pillar and 'AuthorizedKeysFile' in pillar['sshd_config'] %}
  40. - config: '{{ pillar['sshd_config']['AuthorizedKeysFile'] }}'
  41. {% endif %}
  42. - require:
  43. - service: {{ openssh.service }}
  44. {%- else %}
  45. {{ print_name(identifier, key) }}:
  46. ssh_auth.absent:
  47. {{ print_ssh_auth(identifier, key) }}
  48. {%- if 'sshd_config' in pillar and 'AuthorizedKeysFile' in pillar['sshd_config'] %}
  49. - config: '{{ pillar['sshd_config']['AuthorizedKeysFile'] }}'
  50. {% endif -%}
  51. {%- endif -%}
  52. {%- endfor -%}
  53. {%- endfor -%}