Add ~/.ssh/config management
This adds the ability to manage the ~/.ssh/config file for users.
This commit is contained in:
parent
3fc2a2bac9
commit
57c82f3324
@ -44,6 +44,17 @@ users:
|
||||
# than inline in pillar, this works.
|
||||
ssh_auth_sources:
|
||||
- salt://keys/buser.id_rsa.pub
|
||||
# Manage the ~/.ssh/config file
|
||||
ssh_config:
|
||||
all:
|
||||
hostname: "*"
|
||||
options:
|
||||
- "StrictHostKeyChecking no"
|
||||
- "UserKnownHostsFile=/dev/null"
|
||||
importanthost:
|
||||
hostname: "needcheck.example.com"
|
||||
options:
|
||||
- "StrictHostKeyChecking yes"
|
||||
|
||||
google_auth:
|
||||
ssh: |
|
||||
|
@ -208,6 +208,24 @@ users_ssh_auth_delete_{{ name }}_{{ loop.index0 }}:
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
{% if 'ssh_config' in user %}
|
||||
users_ssh_config_{{ name }}:
|
||||
file.managed:
|
||||
- name: {{ home }}/.ssh/config
|
||||
- user: {{ name }}
|
||||
- group: {{ user_group }}
|
||||
- mode: 640
|
||||
- contents: |
|
||||
# Managed by Saltstack
|
||||
{% for label, setting in user.ssh_config.items() %}
|
||||
# {{ label }}
|
||||
Host {{ setting.get('hostname') }}
|
||||
{%- for opts in setting.get('options') %}
|
||||
{{ opts }}
|
||||
{%- endfor %}
|
||||
{% endfor -%}
|
||||
{% endif %}
|
||||
|
||||
{% if 'sudouser' in user and user['sudouser'] %}
|
||||
|
||||
users_sudoer-{{ name }}:
|
||||
|
Loading…
Reference in New Issue
Block a user