saltstack-formulas/openssh-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openssh-formula/openssh/files/ssh_known_hosts
Alexander Weidinger 70461403cb known_hosts: sort IP addresses 
in order to prevent unnecessary changes due to
random ordering of dig results.
2017-02-23 03:59:40 +01:00

39 lines
1.6 KiB
Django/Jinja
Raw Blame History

{#
# vi:syntax=jinja
#}
{%- set target = salt['pillar.get']('openssh:known_hosts:target', '*') -%}
{%- set expr_form = salt['pillar.get']('openssh:known_hosts:expr_form', 'glob') -%}
{%- set keys_function = salt['pillar.get']('openssh:known_hosts:mine_keys_function', 'public_ssh_host_keys') -%}
{%- set hostname_function = salt['pillar.get']('openssh:known_hosts:mine_hostname_function', 'public_ssh_hostname') -%}
{#- Lookup IP of all aliases so that when we have a matching IP, we inject the alias name
in the SSH known_hosts entry -#}
{%- set aliases = salt['pillar.get']('openssh:known_hosts:aliases', []) -%}
{%- set aliases_ips = {} -%}
{%- for alias in aliases -%}
{%- for ip in salt['dig.A'](alias) + salt['dig.AAAA'](alias) -%}
{%- do aliases_ips.setdefault(ip, []).append(alias) -%}
{%- endfor -%}
{%- endfor -%}
{#- Loop over targetted minions -#}
{%- set host_keys = salt['mine.get'](target, keys_function, expr_form=expr_form) -%}
{%- set host_names = salt['mine.get'](target, hostname_function, expr_form=expr_form) -%}
{%- for host, keys in host_keys|dictsort -%}
{%- set ip4 = salt['dig.A'](host) -%}
{%- set ip6 = salt['dig.AAAA'](host) -%}
{%- set names = [host_names.get(host, host)] -%}
{%- for ip in (ip4 + ip6)|sort -%}
{%- do names.append(ip) -%}
{%- for alias in aliases_ips.get(ip, []) -%}
{%- if alias not in names -%}
{%- do names.append(alias) -%}
{%- endif -%}
{%- endfor -%}
{%- endfor -%}
{%- for line in keys.split('\n') -%}
{%- if line -%}
{{ ','.join(names) }} {{ line }}
{% endif -%}
{%- endfor -%}
{%- endfor -%}
Reference in New Issue View Git Blame Copy Permalink