浏览代码

Moved the rsa/dsa key management to config.sls

master
Seth House 10 年前
父节点
当前提交
b44c26cd13
共有 2 个文件被更改,包括 39 次插入40 次删除
  1. +39
    -0
      openssh/config.sls
  2. +0
    -40
      openssh/init.sls

+ 39
- 0
openssh/config.sls 查看文件

@@ -14,3 +14,42 @@ sshd_config:
- watch_in:
- service: openssh

{% if salt['pillar.get']('openssh:provide_dsa_keys', False) %}
ssh_host_dsa_key:
file.managed:
- name: /etc/ssh/ssh_host_dsa_key
- contents_pillar: 'openssh:dsa:private_key'
- user: root
- mode: 600
- require_in:
- service: {{ openssh.service }}

ssh_host_dsa_key.pub:
file.managed:
- name: /etc/ssh/ssh_host_dsa_key.pub
- contents_pillar: 'openssh:dsa:public_key'
- user: root
- mode: 600
- require_in:
- service: {{ openssh.service }}
{% endif %}

{% if salt['pillar.get']('openssh:provide_rsa_keys', False) %}
ssh_host_rsa_key:
file.managed:
- name: /etc/ssh/ssh_host_rsa_key
- contents_pillar: 'openssh:rsa:private_key'
- user: root
- mode: 600
- require_in:
- service: {{ openssh.service }}

ssh_host_rsa_key.pub:
file.managed:
- name: /etc/ssh/ssh_host_rsa_key.pub
- contents_pillar: 'openssh:rsa:public_key'
- user: root
- mode: 600
- require_in:
- service: {{ openssh.service }}
{% endif %}

+ 0
- 40
openssh/init.sls 查看文件

@@ -8,43 +8,3 @@ openssh:
- name: {{ openssh.service }}
- require:
- pkg: {{ openssh.server }}
{% if salt['pillar.get']('openssh:provide_dsa_keys', False) %}
- file: /etc/ssh/ssh_host_dsa_key
- file: /etc/ssh/ssh_host_dsa_key.pub
{% endif %}
{% if salt['pillar.get']('openssh:provide_rsa_keys', False) %}
- file: /etc/ssh/ssh_host_rsa_key
- file: /etc/ssh/ssh_host_rsa_key.pub
{% endif %}

{% if salt['pillar.get']('openssh:provide_dsa_keys', False) %}
ssh_host_dsa_key:
file.managed:
- name: /etc/ssh/ssh_host_dsa_key
- contents_pillar: 'openssh:dsa:private_key'
- user: root
- mode: 600

ssh_host_dsa_key.pub:
file.managed:
- name: /etc/ssh/ssh_host_dsa_key.pub
- contents_pillar: 'openssh:dsa:public_key'
- user: root
- mode: 600
{% endif %}

{% if salt['pillar.get']('openssh:provide_rsa_keys', False) %}
ssh_host_rsa_key:
file.managed:
- name: /etc/ssh/ssh_host_rsa_key
- contents_pillar: 'openssh:rsa:private_key'
- user: root
- mode: 600

ssh_host_rsa_key.pub:
file.managed:
- name: /etc/ssh/ssh_host_rsa_key.pub
- contents_pillar: 'openssh:rsa:public_key'
- user: root
- mode: 600
{% endif %}

正在加载...
取消
保存