openssh-formula/openssh/auth.sls

{%- macro print_name(identifier, key) -%}
{%- if 'name' in key  %}
{{ key['name'] }}
{%- else %}
{{ identifier }}
{%- endif %}
{%- endmacro -%}

{%- macro print_ssh_auth(identifier, key) -%}
      {%- if 'user' in key  %}
    - user: {{ key['user'] }}
      {%- else %}
    - user: {{ identifier }}
      {%- endif %}
      {%- if 'present' in key and key['present'] and 'source' in key %}
    - source: {{ key['source'] }}
      {%- else %}
        {%- if 'enc' in key %}
    - enc: {{ key['enc'] }}
        {%- endif -%}
        {%- if 'comment' in key %}
    - comment: {{ key['comment'] }}
        {%- endif -%}
        {%- if 'options' in key %}
    - options: {{ key['options'] }}
        {%- endif -%}
      {%- endif %}
{%- endmacro -%}

include:
  - openssh
{%- from "openssh/map.jinja" import openssh with context -%}
{%- set openssh_pillar = pillar.get('openssh', {}) -%}
{%- set auth = openssh_pillar.get('auth', {}) -%}
{%- for identifier,keys in auth.iteritems() -%}
  {%- for key in keys -%}
    {% if 'present' in key and key['present'] %}
{{ print_name(identifier, key) }}:
  ssh_auth.present:
    {{ print_ssh_auth(identifier, key) }}
    - config: {{ pillar['sshd_config']['AuthorizedKeysFile'] }}
    - require:
      - service: {{ openssh.service }}
    {%- else %}
{{ print_name(identifier, key) }}:
  ssh_auth.absent:
    {{ print_ssh_auth(identifier, key) }}
    - config: {{ pillar['sshd_config']['AuthorizedKeysFile'] }}
    {%- endif -%}
  {%- endfor -%}
{%- endfor -%}
Use iteritems() instead of items(). Signed-off-by: René Jochum <rene@jochums.at> 2015-07-13 15:59:44 +02:00			`{%- macro print_name(identifier, key) -%}`
			`{%- if 'name' in key %}`
			`{{ key['name'] }}`
			`{%- else %}`
			`{{ identifier }}`
			`{%- endif %}`
			`{%- endmacro -%}`

			`{%- macro print_ssh_auth(identifier, key) -%}`
			`{%- if 'user' in key %}`
			`- user: {{ key['user'] }}`
			`{%- else %}`
			`- user: {{ identifier }}`
			`{%- endif %}`
			`{%- if 'present' in key and key['present'] and 'source' in key %}`
Added support to manage ssh certificates 2014-02-09 23:38:30 +01:00			`- source: {{ key['source'] }}`
Removed unneeded whitespace from auth.sls 2014-04-24 00:29:47 +02:00			`{%- else %}`
			`{%- if 'enc' in key %}`
Added support to manage ssh certificates 2014-02-09 23:38:30 +01:00			`- enc: {{ key['enc'] }}`
Removed unneeded whitespace from auth.sls 2014-04-24 00:29:47 +02:00			`{%- endif -%}`
			`{%- if 'comment' in key %}`
Added support to manage ssh certificates 2014-02-09 23:38:30 +01:00			`- comment: {{ key['comment'] }}`
Removed unneeded whitespace from auth.sls 2014-04-24 00:29:47 +02:00			`{%- endif -%}`
			`{%- if 'options' in key %}`
Added support to manage ssh certificates 2014-02-09 23:38:30 +01:00			`- options: {{ key['options'] }}`
Removed unneeded whitespace from auth.sls 2014-04-24 00:29:47 +02:00			`{%- endif -%}`
			`{%- endif %}`
Use iteritems() instead of items(). Signed-off-by: René Jochum <rene@jochums.at> 2015-07-13 15:59:44 +02:00			`{%- endmacro -%}`

			`include:`
			`- openssh`
			`{%- from "openssh/map.jinja" import openssh with context -%}`
			`{%- set openssh_pillar = pillar.get('openssh', {}) -%}`
			`{%- set auth = openssh_pillar.get('auth', {}) -%}`
			`{%- for identifier,keys in auth.iteritems() -%}`
			`{%- for key in keys -%}`
			`{% if 'present' in key and key['present'] %}`
			`{{ print_name(identifier, key) }}:`
			`ssh_auth.present:`
			`{{ print_ssh_auth(identifier, key) }}`
Put ssh keys on configured path in sshd_config (AuthorizedKeysFile) Signed-off-by: POTIER Mathieu <mathieu.potier@onzeway.eu> 2015-11-17 11:09:37 +01:00			`- config: {{ pillar['sshd_config']['AuthorizedKeysFile'] }}`
Added support to manage ssh certificates 2014-02-09 23:38:30 +01:00			`- require:`
			`- service: {{ openssh.service }}`
Removed unneeded whitespace from auth.sls 2014-04-24 00:29:47 +02:00			`{%- else %}`
Use iteritems() instead of items(). Signed-off-by: René Jochum <rene@jochums.at> 2015-07-13 15:59:44 +02:00			`{{ print_name(identifier, key) }}:`
Added support to manage ssh certificates 2014-02-09 23:38:30 +01:00			`ssh_auth.absent:`
Use iteritems() instead of items(). Signed-off-by: René Jochum <rene@jochums.at> 2015-07-13 15:59:44 +02:00			`{{ print_ssh_auth(identifier, key) }}`
Put ssh keys on configured path in sshd_config (AuthorizedKeysFile) Signed-off-by: POTIER Mathieu <mathieu.potier@onzeway.eu> 2015-11-17 11:09:37 +01:00			`- config: {{ pillar['sshd_config']['AuthorizedKeysFile'] }}`
Removed unneeded whitespace from auth.sls 2014-04-24 00:29:47 +02:00			`{%- endif -%}`
			`{%- endfor -%}`
Put ssh keys on configured path in sshd_config (AuthorizedKeysFile) Signed-off-by: POTIER Mathieu <mathieu.potier@onzeway.eu> 2015-11-17 11:09:37 +01:00			`{%- endfor -%}`