saltstack-formulas/openssh-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openssh-formula/openssh/files/ssh_config
ketzacoatl 143451eb19 Add support for Host definitions in ssh_config 
This gives us the ability to define system-wide definitions for specific Hosts, and their options.

For example, with this in pillar:

```
# this is the place for host-wide SSH config
ssh_config:
  ...
  Hosts:
    # this simplifies cloning with custom params
    # eg: git clone my-git:foo/bar
    my-git:
      User: git
      HostName: git.example.com
      Port: 2222
```

This would add a section in `/etc/ssh/ssh_config`:

```
Host my-git
    User git
    HostName git.example.com
    Port 2222
```
2016-01-02 18:12:55 -05:00

98 lines
3.3 KiB
Plaintext
Raw Blame History

{%- set ssh_config = pillar.get('ssh_config', {}) -%}
{#- present in ssh_config and known in actual file options -#}
{%- set processed_options = [] -%}
{#- generic renderer used for ssh matches, known options, -#}
{#- and unknown options -#}
{%- macro render_option(keyword, default, config_dict=ssh_config) -%}
{%- set value = config_dict.get(keyword, default) -%}
{%- if value is sameas true -%}
{{ keyword }} yes
{%- elif value is sameas false -%}
{{ keyword }} no
{%- elif value is string or value is number -%}
{{ keyword }} {{ value }}
{%- else -%}
{%- for single_value in value -%}
{{ keyword }} {{ single_value }}
{% endfor -%}
{%- endif -%}
{%- endmacro -%}
{#- macros for render option according to present -#}
{%- macro option_impl(keyword, default, present) -%}
{%- if present -%}
{%- do processed_options.append(keyword) -%}
{%- set prefix='' -%}
{%- else -%}
{%- set prefix='#' -%}
{%- endif -%}
{#- add prefix to keyword -#}
{%- set keyword = prefix ~ keyword -%}
{{ render_option(keyword, default) }}
{%- endmacro -%}
{#- macros for render option commented by default -#}
{%- macro option(keyword, default, present) -%}
{{ option_impl(keyword, default, keyword in ssh_config) }}
{%- endmacro -%}
{#- macros for render option uncommented by default -#}
{%- macro option_default_uncommented(keyword, default, present) -%}
{{ option_impl(keyword, default, True) }}
{%- endmacro -%}
# Do not edit this file manually!
# It will be overwritten by salt!
{{ option_default_uncommented('Host', '*') }}
{{ option(' ForwardAgent', 'no') }}
{{ option(' ForwardX11', 'no') }}
{{ option(' RhostsRSAAuthentication', 'no') }}
{{ option(' RSAAuthentication', 'yes') }}
{{ option(' PasswordAuthentication', 'yes') }}
{{ option(' HostbasedAuthentication', 'no') }}
{{ option(' GSSAPIAuthentication', 'no') }}
{{ option(' GSSAPIDelegateCredentials', 'no') }}
{{ option(' BatchMode', 'no') }}
{{ option(' CheckHostIP', 'yes') }}
{{ option(' AddressFamily', 'any') }}
{{ option(' ConnectTimeout', 0) }}
{{ option(' StrictHostKeyChecking', 'ask') }}
{{ option(' IdentityFile', '~/.ssh/id_rsa') }}
{{ option(' Port', 22) }}
{{ option(' Protocol', 2) }}
{{ option(' Cipher', '3des') }}
{{ option(' Tunnel', 'no') }}
{{ option(' TunnelDevice', 'any:any') }}
{{ option(' PermitLocalCommand', 'no') }}
{{ option(' VisualHostKey', 'no') }}
{%- if 'Hosts' in ssh_config %}
{%- do processed_options.append('Hosts') %}
{% for host, conf in ssh_config['Hosts'].items() %}
Host {{ host }}
{%- for key, val in conf.items() %}
{{ key }} {{ val }}{%- endfor %}
{%- endfor %}
{%- endif %}
{# Handling unknown in salt template options #}
{%- for keyword in ssh_config.keys() %}
{#- Matches have to be at the bottom and should be handled differently -#}
{%- if not keyword in processed_options and keyword != 'matches' -%}
{#- send a blank default as it doesn't matter #}
{{ render_option(keyword, '') }}
{%- endif -%}
{%- endfor %}
{# Handle matches last as they need to go at the bottom #}
{%- if 'matches' in ssh_config %}
{%- for match in ssh_config['matches'].values() %}
Match {{ match['type'].keys()[0] }} {{ match['type'].values()[0] }}
{%- for keyword in match['options'].keys() %}
{{ render_option(keyword, '', config_dict=match['options']) }}
{%- endfor %}
{%- endfor %}
{%- endif %}
Reference in New Issue View Git Blame Copy Permalink