Browse Source

Add macro to handle string or list

Added a macro to handle multivalue options entered in either string
format or list format (with auto joiner).
master
Pandu E Poluan 8 years ago
parent
commit
30648d115e
1 changed files with 28 additions and 3 deletions
  1. +28
    -3
      openssh/files/sshd_config

+ 28
- 3
openssh/files/sshd_config View File

{{ option_impl(keyword, default, True) }} {{ option_impl(keyword, default, True) }}
{%- endmacro -%} {%- endmacro -%}


{#- macro for collapsing a list into a string -#}
{%- macro option_collapselist(keyword, sep) -%}
{%- do processed_options.append(keyword) -%}
{{keyword}} {{sshd_config.get(keyword)|join(sep)}}
{%- endmacro -%}

{#- macro for handling an option that can be specified as a list or a string -#}
{%- macro option_string_or_list(keyword, default, default_commented, sep=',') -%}
{%- if sshd_config.get(keyword, '') is string -%}
{%- if default_commented -%}
{{ option(keyword, default) }}
{%- else -%}
{{ option_default_uncommented(keyword, default) }}
{%- endif -%}
{%- else -%}
{{ option_collapselist(keyword, sep) }}
{%- endif -%}
{%- endmacro -%}

{%- if sshd_config.get('ConfigBanner', False) -%}
{{ sshd_config['ConfigBanner'] }}
{%- else -%}
# This file is managed by salt. Manual changes risk being overwritten. # This file is managed by salt. Manual changes risk being overwritten.
{%- endif %}
# The contents of the original sshd_config are kept on the bottom for # The contents of the original sshd_config are kept on the bottom for
# quick reference. # quick reference.
# See the sshd_config(5) manpage for details # See the sshd_config(5) manpage for details
{{ option('AllowGroups', '') }} {{ option('AllowGroups', '') }}


# Specifies the available KEX (Key Exchange) algorithms. # Specifies the available KEX (Key Exchange) algorithms.
{{ option('KexAlgorithms', 'ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1') }}
{{ option_string_or_list('KexAlgorithms', 'ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1', True) }}


# Specifies the ciphers allowed for protocol version 2. # Specifies the ciphers allowed for protocol version 2.
{{ option('Ciphers', 'aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se') }}
{{ option_string_or_list('Ciphers', 'aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se', True) }}


# Specifies the available MAC (message authentication code) algorithms. # Specifies the available MAC (message authentication code) algorithms.
{{ option('MACs', 'hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96') }}
{{ option_string_or_list('MACs', 'hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96', True) }}


{# Handling unknown in salt template options #} {# Handling unknown in salt template options #}
{%- for keyword in sshd_config.keys() %} {%- for keyword in sshd_config.keys() %}
{%- endfor %} {%- endfor %}
{%- endfor %} {%- endfor %}
{%- endif %} {%- endif %}

{#- vim: set ft=jinja : #}

Loading…
Cancel
Save