Merge pull request #55 from nigelsim/default-host
Allow Host: * options to be overridden in the pillar
This commit is contained in:
commit
d5db2a6e89
@ -8,3 +8,27 @@ openssh:
|
|||||||
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
||||||
dig_pkg: dnsutils
|
dig_pkg: dnsutils
|
||||||
ssh_moduli: /etc/ssh/moduli
|
ssh_moduli: /etc/ssh/moduli
|
||||||
|
ssh_config:
|
||||||
|
Hosts:
|
||||||
|
'*':
|
||||||
|
ForwardAgent: no
|
||||||
|
ForwardX11: no
|
||||||
|
RhostsRSAAuthentication: no
|
||||||
|
RSAAuthentication: yes
|
||||||
|
PasswordAuthentication: yes
|
||||||
|
HostbasedAuthentication: no
|
||||||
|
GSSAPIAuthentication: no
|
||||||
|
GSSAPIDelegateCredentials: no
|
||||||
|
BatchMode: no
|
||||||
|
CheckHostIP: yes
|
||||||
|
AddressFamily: any
|
||||||
|
ConnectTimeout: 0
|
||||||
|
StrictHostKeyChecking: ask
|
||||||
|
IdentityFile: "~/.ssh/id_rsa"
|
||||||
|
Port: 22
|
||||||
|
Protocol: 2
|
||||||
|
Cipher: 3des
|
||||||
|
Tunnel: no
|
||||||
|
TunnelDevice: "any:any"
|
||||||
|
PermitLocalCommand: no
|
||||||
|
VisualHostKey: no
|
||||||
|
@ -1,11 +1,9 @@
|
|||||||
{%- set ssh_config = pillar.get('ssh_config', {}) -%}
|
{%- import_yaml "openssh/defaults.yaml" as default_settings -%}
|
||||||
|
{%- set ssh_config = salt['pillar.get']('ssh_config', default=default_settings.ssh_config, merge=True) -%}
|
||||||
{#- present in ssh_config and known in actual file options -#}
|
{#- present in ssh_config and known in actual file options -#}
|
||||||
{%- set processed_options = [] -%}
|
{%- set processed_options = [] -%}
|
||||||
|
|
||||||
{#- generic renderer used for ssh matches, known options, -#}
|
{%- macro render_raw_option(keyword, value) -%}
|
||||||
{#- and unknown options -#}
|
|
||||||
{%- macro render_option(keyword, default, config_dict=ssh_config) -%}
|
|
||||||
{%- set value = config_dict.get(keyword, default) -%}
|
|
||||||
{%- if value is sameas true -%}
|
{%- if value is sameas true -%}
|
||||||
{{ keyword }} yes
|
{{ keyword }} yes
|
||||||
{%- elif value is sameas false -%}
|
{%- elif value is sameas false -%}
|
||||||
@ -19,6 +17,13 @@
|
|||||||
{%- endif -%}
|
{%- endif -%}
|
||||||
{%- endmacro -%}
|
{%- endmacro -%}
|
||||||
|
|
||||||
|
{#- generic renderer used for ssh matches, known options, -#}
|
||||||
|
{#- and unknown options -#}
|
||||||
|
{%- macro render_option(keyword, default, config_dict=ssh_config) -%}
|
||||||
|
{%- set value = config_dict.get(keyword, default) -%}
|
||||||
|
{{ render_raw_option(keyword, value) }}
|
||||||
|
{%- endmacro -%}
|
||||||
|
|
||||||
{#- macros for render option according to present -#}
|
{#- macros for render option according to present -#}
|
||||||
{%- macro option_impl(keyword, default, present) -%}
|
{%- macro option_impl(keyword, default, present) -%}
|
||||||
{%- if present -%}
|
{%- if present -%}
|
||||||
@ -45,35 +50,13 @@
|
|||||||
# Do not edit this file manually!
|
# Do not edit this file manually!
|
||||||
# It will be overwritten by salt!
|
# It will be overwritten by salt!
|
||||||
|
|
||||||
{{ option_default_uncommented('Host', '*') }}
|
|
||||||
{{ option(' ForwardAgent', 'no') }}
|
|
||||||
{{ option(' ForwardX11', 'no') }}
|
|
||||||
{{ option(' RhostsRSAAuthentication', 'no') }}
|
|
||||||
{{ option(' RSAAuthentication', 'yes') }}
|
|
||||||
{{ option(' PasswordAuthentication', 'yes') }}
|
|
||||||
{{ option(' HostbasedAuthentication', 'no') }}
|
|
||||||
{{ option(' GSSAPIAuthentication', 'no') }}
|
|
||||||
{{ option(' GSSAPIDelegateCredentials', 'no') }}
|
|
||||||
{{ option(' BatchMode', 'no') }}
|
|
||||||
{{ option(' CheckHostIP', 'yes') }}
|
|
||||||
{{ option(' AddressFamily', 'any') }}
|
|
||||||
{{ option(' ConnectTimeout', 0) }}
|
|
||||||
{{ option(' StrictHostKeyChecking', 'ask') }}
|
|
||||||
{{ option(' IdentityFile', '~/.ssh/id_rsa') }}
|
|
||||||
{{ option(' Port', 22) }}
|
|
||||||
{{ option(' Protocol', 2) }}
|
|
||||||
{{ option(' Cipher', '3des') }}
|
|
||||||
{{ option(' Tunnel', 'no') }}
|
|
||||||
{{ option(' TunnelDevice', 'any:any') }}
|
|
||||||
{{ option(' PermitLocalCommand', 'no') }}
|
|
||||||
{{ option(' VisualHostKey', 'no') }}
|
|
||||||
|
|
||||||
{%- if 'Hosts' in ssh_config %}
|
{%- if 'Hosts' in ssh_config %}
|
||||||
{%- do processed_options.append('Hosts') %}
|
{%- do processed_options.append('Hosts') %}
|
||||||
{% for host, conf in ssh_config['Hosts'].items() %}
|
{% for host, conf in ssh_config['Hosts'].items() %}
|
||||||
Host {{ host }}
|
Host {{ host }}
|
||||||
{%- for key, val in conf.items() %}
|
{%- for key, val in conf.items() %}
|
||||||
{{ key }} {{ val }}{%- endfor %}
|
{{ render_raw_option(key, val) }}
|
||||||
|
{%- endfor %}
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user