Remove duplicated pillar.get calls to retrieve the sshd_config and ssh_config pillars

2019-04-28 11:00:57 +08:00 · 2019-04-28 11:00:57 +08:00 · 3e01ad816a
commit 3e01ad816a
parent 463ad69d92
4 changed files with 14 additions and 16 deletions
--- a/openssh/auth.sls
+++ b/openssh/auth.sls
@ -29,17 +29,16 @@
 include:
  - openssh
-{%- from "openssh/map.jinja" import openssh with context -%}
+{%- from "openssh/map.jinja" import openssh, sshd_config with context -%}
-{%- set openssh_pillar = pillar.get('openssh', {}) -%}
+{%- set auth = openssh.get('auth', {}) -%}
 {%- set auth = openssh_pillar.get('auth', {}) -%}
 {%- for identifier,keys in auth.items() -%}
  {%- for key in keys -%}
    {% if 'present' in key and key['present'] %}
 {{ print_name(identifier, key) }}:
  ssh_auth.present:
    {{ print_ssh_auth(identifier, key) }}
-    {%- if 'sshd_config' in pillar and 'AuthorizedKeysFile' in pillar['sshd_config'] %}
+    {%- if sshd_config.get("AuthorizedKeysFile", None) %}
-    - config: '{{ pillar['sshd_config']['AuthorizedKeysFile'] }}'
+    - config: '{{ sshd_config['AuthorizedKeysFile'] }}'
    {% endif %}
    - require:
      - service: {{ openssh.service }}
@ -47,8 +46,8 @@ include:
 {{ print_name(identifier, key) }}:
  ssh_auth.absent:
    {{ print_ssh_auth(identifier, key) }}
-    {%- if 'sshd_config' in pillar and 'AuthorizedKeysFile' in pillar['sshd_config'] %}
+    {%- if sshd_config.get("AuthorizedKeysFile", None) %}
-    - config: '{{ pillar['sshd_config']['AuthorizedKeysFile'] }}'
+    - config: '{{ sshd_config['AuthorizedKeysFile'] }}'
    {% endif -%}
    {%- endif -%}
  {%- endfor -%}
--- a/openssh/auth_map.sls
+++ b/openssh/auth_map.sls
@ -1,11 +1,10 @@
 include:
  - openssh
-{%  from "openssh/map.jinja" import openssh with context -%}
+{%  from "openssh/map.jinja" import openssh, sshd_config with context -%}
-{%- set openssh_pillar = salt["pillar.get"]("openssh", {}) -%}
+{%- set authorized_keys_file = sshd_config.get("AuthorizedKeysFile", None) %}
 {%- set authorized_keys_file = salt["pillar.get"]("sshd_config:AuthorizedKeysFile", None) %}
-{%- for store, config in salt["pillar.get"]("openssh:auth_map", {}).items() %}
+{%- for store, config in openssh.get("auth_map", {}).items() %}
 {%- set store_base = config["source"] %}
 # SSH store openssh:auth_map:{{ store }}
 {%-   for user, keys in config.get("users", {}).items() %}
--- a/openssh/config_ini.sls
+++ b/openssh/config_ini.sls
@ -1,9 +1,9 @@
-{% from "openssh/map.jinja" import openssh with context %}
+{% from "openssh/map.jinja" import openssh, sshd_config with context %}
 include:
  - openssh
-{% if salt['pillar.get']('sshd_config', False) %}
+{% if sshd_config %}
 sshd_config-with-ini:
  ini.options_present:
    - name: {{ openssh.sshd_config }}
@ -11,7 +11,7 @@ sshd_config-with-ini:
    - watch_in:
      - service: {{ openssh.service }}
    - sections:
-        {%- for k,v in salt['pillar.get']('sshd_config',{}).items() %}
+        {%- for k,v in sshd_config.items() %}
        {{ k }}: '{{ v }}'
        {%- endfor %}
 {% endif %}
--- a/openssh/files/ssh_config
+++ b/openssh/files/ssh_config
@ -1,5 +1,5 @@
-{%- import_yaml "openssh/defaults.yaml" as default_settings -%}
+{% from "openssh/map.jinja" import ssh_config with context %}
-{%- set ssh_config = salt['pillar.get']('ssh_config', default=default_settings.default.ssh_config, merge=True) -%}
+
 {#- present in ssh_config and known in actual file options -#}
 {%- set processed_options = [] -%}
 {%- set string_or_list_options = ['KexAlgorithms', 'Ciphers', 'MACs'] -%}