Browse Source
Add macro to handle string or list
Added a macro to handle multivalue options entered in either string format or list format (with auto joiner).master
Pandu E Poluan
8 years ago
1 changed files with 28 additions and 3 deletions
+ 28
- 3
openssh/files/sshd_config
View File
| @@ -42,7 +42,30 @@ | |||
| {{ option_impl(keyword, default, True) }} | |||
| {%- endmacro -%} | |||
| {#- macro for collapsing a list into a string -#} | |||
| {%- macro option_collapselist(keyword, sep) -%} | |||
| {%- do processed_options.append(keyword) -%} | |||
| {{keyword}} {{sshd_config.get(keyword)|join(sep)}} | |||
| {%- endmacro -%} | |||
| {#- macro for handling an option that can be specified as a list or a string -#} | |||
| {%- macro option_string_or_list(keyword, default, default_commented, sep=',') -%} | |||
| {%- if sshd_config.get(keyword, '') is string -%} | |||
| {%- if default_commented -%} | |||
| {{ option(keyword, default) }} | |||
| {%- else -%} | |||
| {{ option_default_uncommented(keyword, default) }} | |||
| {%- endif -%} | |||
| {%- else -%} | |||
| {{ option_collapselist(keyword, sep) }} | |||
| {%- endif -%} | |||
| {%- endmacro -%} | |||
| {%- if sshd_config.get('ConfigBanner', False) -%} | |||
| {{ sshd_config['ConfigBanner'] }} | |||
| {%- else -%} | |||
| # This file is managed by salt. Manual changes risk being overwritten. | |||
| {%- endif %} | |||
| # The contents of the original sshd_config are kept on the bottom for | |||
| # quick reference. | |||
| # See the sshd_config(5) manpage for details | |||
| @@ -170,13 +193,13 @@ | |||
| {{ option('AllowGroups', '') }} | |||
| # Specifies the available KEX (Key Exchange) algorithms. | |||
| {{ option('KexAlgorithms', 'ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1') }} | |||
| {{ option_string_or_list('KexAlgorithms', 'ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1', True) }} | |||
| # Specifies the ciphers allowed for protocol version 2. | |||
| {{ option('Ciphers', 'aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se') }} | |||
| {{ option_string_or_list('Ciphers', 'aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se', True) }} | |||
| # Specifies the available MAC (message authentication code) algorithms. | |||
| {{ option('MACs', 'hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96') }} | |||
| {{ option_string_or_list('MACs', 'hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96', True) }} | |||
| {# Handling unknown in salt template options #} | |||
| {%- for keyword in sshd_config.keys() %} | |||
| @@ -196,3 +219,5 @@ Match {{ match['type'].keys()[0] }} {{ match['type'].values()[0] }} | |||
| {%- endfor %} | |||
| {%- endfor %} | |||
| {%- endif %} | |||
| {#- vim: set ft=jinja : #} | |||
Loading…