Browse Source
Merge pull request #89 from spoage/ssh_auth-use-pillars
Add ssh_auth_pillar option.lookup-fix-3
puneet kandhari
9 years ago
2 changed files with 11 additions and 1 deletions
+ 3
- 0
pillar.example
View File
| # with the given keys | # with the given keys | ||||
| ssh_auth_file: | ssh_auth_file: | ||||
| - PUBLICKEY | - PUBLICKEY | ||||
| # ... or you can pull them from a different pillar similar to ssh_keys_pillar | |||||
| ssh_auth_pillar: | |||||
| id_rsa: "ssh_keys" | |||||
| # If you prefer to keep public keys as files rather | # If you prefer to keep public keys as files rather | ||||
| # than inline in pillar, this works. | # than inline in pillar, this works. | ||||
| ssh_auth_sources: | ssh_auth_sources: |
+ 8
- 1
users/init.sls
View File
| {% endfor %} | {% endfor %} | ||||
| {% endif %} | {% endif %} | ||||
| {% if 'ssh_auth_file' in user %} | |||||
| {% if 'ssh_auth_file' in user or 'ssh_auth_pillar' in user %} | |||||
| users_authorized_keys_{{ name }}: | users_authorized_keys_{{ name }}: | ||||
| file.managed: | file.managed: | ||||
| - name: {{ home }}/.ssh/authorized_keys | - name: {{ home }}/.ssh/authorized_keys | ||||
| - user: {{ name }} | - user: {{ name }} | ||||
| - group: {{ name }} | - group: {{ name }} | ||||
| - mode: 600 | - mode: 600 | ||||
| {% if 'ssh_auth_file' in user %} | |||||
| - contents: | | - contents: | | ||||
| {% for auth in user.ssh_auth_file -%} | {% for auth in user.ssh_auth_file -%} | ||||
| {{ auth }} | {{ auth }} | ||||
| {% endfor -%} | {% endfor -%} | ||||
| {% else %} | |||||
| - contents: | | |||||
| {%- for key_name, pillar_name in user['ssh_auth_pillar'].iteritems() %} | |||||
| {{ salt['pillar.get'](pillar_name + ':' + key_name + ':pubkey', '') }} | |||||
| {%- endfor %} | |||||
| {% endif %} | |||||
| {% endif %} | {% endif %} | ||||
| {% if 'ssh_auth' in user %} | {% if 'ssh_auth' in user %} |
Loading…