10 years ago · 6efc981885
--- a/openssh/auth.sls
+++ b/openssh/auth.sls
@@ -1,15 +1,18 @@
 include:
  - openssh
 {%- from "openssh/map.jinja" import openssh with context -%}
 {%- set openssh_pillar = pillar.get('openssh', {}) -%}
 {%- set auth = openssh_pillar.get('auth', {}) -%}
 {%- for user,keys in auth.items() -%}
  {%- for key in keys -%}
    {% if 'present' in key and key['present'] %}
 {%- macro print_name(identifier, key) -%}
 {%- if 'name' in key  %}
 {{ key['name'] }}:
  ssh_auth.present:
    - user: {{ user }}
      {%- if 'source' in key %}
 {%- else %}
 {{ identifier }}:
 {%- endif %}
 {%- endmacro -%}

 {%- macro print_ssh_auth(identifier, key) -%}
      {%- if 'user' in key  %}
    - user: {{ key['user'] }}
      {%- else %}
    - user: {{ identifier }}
      {%- endif %}
      {%- if 'present' in key and key['present'] and 'source' in key %}
    - source: {{ key['source'] }}
      {%- else %}
        {%- if 'enc' in key %}
@@ -22,21 +25,25 @@ include:
    - options: {{ key['options'] }}
        {%- endif -%}
      {%- endif %}
 {%- endmacro -%}

 include:
  - openssh
 {%- from "openssh/map.jinja" import openssh with context -%}
 {%- set openssh_pillar = pillar.get('openssh', {}) -%}
 {%- set auth = openssh_pillar.get('auth', {}) -%}
 {%- for identifier,keys in auth.items() -%}
  {%- for key in keys -%}
    {% if 'present' in key and key['present'] %}
 {{ print_name(identifier, key) }}:
  ssh_auth.present:
    {{ print_ssh_auth(identifier, key) }}
    - require:
      - service: {{ openssh.service }}
    {%- else %}
 {{ key['name'] }}:
 {{ print_name(identifier, key) }}:
  ssh_auth.absent:
    - user: {{ user }}
      {%- if 'enc' in key %}
    - enc: {{ key['enc'] }}
      {%- endif -%}
      {%- if 'comment' in key %}
    - comment: {{ key['comment'] }}
      {%- endif -%}
      {%- if 'options' in key %}
    - options: {{ key['options'] }}
      {%- endif -%}
    {{ print_ssh_auth(identifier, key) }}
    {%- endif -%}
  {%- endfor -%}
 {%- endfor -%}