|
|
|
|
|
|
|
|
{% set used_sudo = [] %} |
|
|
{% set used_sudo = [] %} |
|
|
{% set used_googleauth = [] %} |
|
|
{% set used_googleauth = [] %} |
|
|
|
|
|
|
|
|
{%- for name, user in pillar.get('users', {}).items() if user.absent is not defined or not user.absent %} |
|
|
|
|
|
|
|
|
{%- for name, user in pillar.get('users', {}).items() |
|
|
|
|
|
if user.absent is not defined or not user.absent %} |
|
|
{%- if user == None -%} |
|
|
{%- if user == None -%} |
|
|
{%- set user = {} -%} |
|
|
{%- set user = {} -%} |
|
|
{%- endif -%} |
|
|
{%- endif -%} |
|
|
|
|
|
|
|
|
{%- endif %} |
|
|
{%- endif %} |
|
|
{%- endif %} |
|
|
{%- endif %} |
|
|
|
|
|
|
|
|
{% for name, user in pillar.get('users', {}).items() if user.absent is not defined or not user.absent %} |
|
|
|
|
|
|
|
|
{% for name, user in pillar.get('users', {}).items() |
|
|
|
|
|
if user.absent is not defined or not user.absent %} |
|
|
{%- if user == None -%} |
|
|
{%- if user == None -%} |
|
|
{%- set user = {} -%} |
|
|
{%- set user = {} -%} |
|
|
{%- endif -%} |
|
|
{%- endif -%} |
|
|
|
|
|
|
|
|
{% endfor %} |
|
|
{% endfor %} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
{% if 'ssh_keys' in user or 'ssh_auth' in user or 'ssh_auth_file' in user or 'ssh_auth.absent' in user or 'ssh_config' in user %} |
|
|
|
|
|
|
|
|
{% if 'ssh_keys' in user or |
|
|
|
|
|
'ssh_auth' in user or |
|
|
|
|
|
'ssh_auth_file' in user or |
|
|
|
|
|
'ssh_auth.absent' in user or |
|
|
|
|
|
'ssh_config' in user %} |
|
|
user_keydir_{{ name }}: |
|
|
user_keydir_{{ name }}: |
|
|
file.directory: |
|
|
file.directory: |
|
|
- name: {{ user.get('home', '/home/{0}'.format(name)) }}/.ssh |
|
|
- name: {{ user.get('home', '/home/{0}'.format(name)) }}/.ssh |
|
|
|
|
|
|
|
|
{% set key_type = 'id_' + user.get('ssh_key_type', 'rsa') %} |
|
|
{% set key_type = 'id_' + user.get('ssh_key_type', 'rsa') %} |
|
|
users_user_{{ name }}_private_key: |
|
|
users_user_{{ name }}_private_key: |
|
|
file.managed: |
|
|
file.managed: |
|
|
- name: {{ user.get('home', '/home/{0}'.format(name)) }}/.ssh/{{ key_type }} |
|
|
|
|
|
|
|
|
- name: {{ user.get('home', |
|
|
|
|
|
'/home/{0}'.format(name)) }}/.ssh/{{ key_type }} |
|
|
- user: {{ name }} |
|
|
- user: {{ name }} |
|
|
- group: {{ user_group }} |
|
|
- group: {{ user_group }} |
|
|
- mode: 600 |
|
|
- mode: 600 |
|
|
|
|
|
|
|
|
{% endfor %} |
|
|
{% endfor %} |
|
|
users_user_{{ name }}_public_key: |
|
|
users_user_{{ name }}_public_key: |
|
|
file.managed: |
|
|
file.managed: |
|
|
- name: {{ user.get('home', '/home/{0}'.format(name)) }}/.ssh/{{ key_type }}.pub |
|
|
|
|
|
|
|
|
- name: {{ user.get('home', |
|
|
|
|
|
'/home/{0}'.format(name)) }}/.ssh/{{ key_type }}.pub |
|
|
- user: {{ name }} |
|
|
- user: {{ name }} |
|
|
- group: {{ user_group }} |
|
|
- group: {{ user_group }} |
|
|
- mode: 644 |
|
|
- mode: 644 |
|
|
|
|
|
|
|
|
{% for key_name, pillar_name in user['ssh_keys_pillar'].items() %} |
|
|
{% for key_name, pillar_name in user['ssh_keys_pillar'].items() %} |
|
|
user_ssh_keys_files_{{ name }}_{{ key_name }}_private_key: |
|
|
user_ssh_keys_files_{{ name }}_{{ key_name }}_private_key: |
|
|
file.managed: |
|
|
file.managed: |
|
|
- name: {{ user.get('home', '/home/{0}'.format(name)) }}/.ssh/{{ key_name }} |
|
|
|
|
|
|
|
|
- name: {{ user.get('home', |
|
|
|
|
|
'/home/{0}'.format(name)) }}/.ssh/{{ key_name }} |
|
|
- user: {{ name }} |
|
|
- user: {{ name }} |
|
|
- group: {{ user_group }} |
|
|
- group: {{ user_group }} |
|
|
- mode: 600 |
|
|
- mode: 600 |
|
|
|
|
|
|
|
|
{% endfor %} |
|
|
{% endfor %} |
|
|
user_ssh_keys_files_{{ name }}_{{ key_name }}_public_key: |
|
|
user_ssh_keys_files_{{ name }}_{{ key_name }}_public_key: |
|
|
file.managed: |
|
|
file.managed: |
|
|
- name: {{ user.get('home', '/home/{0}'.format(name)) }}/.ssh/{{ key_name }}.pub |
|
|
|
|
|
|
|
|
- name: {{ user.get('home', |
|
|
|
|
|
'/home/{0}'.format(name)) }}/.ssh/{{ key_name }}.pub |
|
|
- user: {{ name }} |
|
|
- user: {{ name }} |
|
|
- group: {{ user_group }} |
|
|
- group: {{ user_group }} |
|
|
- mode: 644 |
|
|
- mode: 644 |
|
|
|
|
|
|
|
|
{% endfor %} |
|
|
{% endfor %} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
{% for name, user in pillar.get('users', {}).items() if user.absent is defined and user.absent %} |
|
|
|
|
|
|
|
|
{% for name, user in pillar.get('users', {}).items() |
|
|
|
|
|
if user.absent is defined and user.absent %} |
|
|
users_absent_user_{{ name }}: |
|
|
users_absent_user_{{ name }}: |
|
|
{% if 'purge' in user or 'force' in user %} |
|
|
{% if 'purge' in user or 'force' in user %} |
|
|
user.absent: |
|
|
user.absent: |