Saltstack Official OpenSSH Formula

34 satır
1.1KB

  1. include:
  2. - openssh
  3. {% from "openssh/map.jinja" import openssh with context -%}
  4. {%- set openssh_pillar = salt["pillar.get"]("openssh", {}) -%}
  5. {%- set authorized_keys_file = salt["pillar.get"]("sshd_config:AuthorizedKeysFile", None) %}
  6. {%- for store, config in salt["pillar.get"]("openssh:auth_map", {}).items() %}
  7. {%- set store_base = config["source"] %}
  8. # SSH store openssh:auth_map:{{ store }}
  9. {%- for user, keys in config.get("users", {}).items() %}
  10. {%- for key, key_cfg in keys.items() %}
  11. "ssh_auth--{{ store }}--{{ user }}--{{ key }}":
  12. {%- set present = key_cfg.get("present", True) %}
  13. {%- set options = key_cfg.get("options", []) %}
  14. {%- if present %}
  15. ssh_auth.present:
  16. - require:
  17. - service: {{ openssh.service }}
  18. {%- else %}
  19. ssh_auth.absent:
  20. {%- endif %}
  21. - user: {{ user }}
  22. - source: {{ store_base }}/{{ key }}.pub
  23. {%- if authorized_keys_file %}
  24. - config: "{{ authorized_keys_file }}"
  25. {%- endif %}
  26. {%- if options %}
  27. - options: "{{ options }}"
  28. {%- endif %}
  29. {%- endfor %}
  30. {%- endfor %}
  31. {%- endfor %}