From d416b6d8393593f85667a2c0ae578cb228102eb8 Mon Sep 17 00:00:00 2001
From: root <github.com@daschatten.de>
Date: Fri, 13 Mar 2015 13:32:39 +0100
Subject: [PATCH] Move ssh_auth_file key processing to before ssh_auth key to
 extend instead of overwrite functionality.

---
 users/init.sls | 23 +++++++++++------------
 1 file changed, 11 insertions(+), 12 deletions(-)

diff --git a/users/init.sls b/users/init.sls
index ea548d6..181d4a0 100644
--- a/users/init.sls
+++ b/users/init.sls
@@ -142,6 +142,17 @@ user_{{ name }}_public_key:
       {% endfor %}
   {% endif %}
 
+{% if 'ssh_auth_file' in user %}
+{{ home }}/.ssh/authorized_keys:
+  file.managed:
+    - user: {{ name }}
+    - group: {{ name }}
+    - mode: 600
+    - contents: |
+        {% for auth in user.ssh_auth_file -%}
+        {{ auth }}
+        {% endfor -%}
+{% endif %}
 
 {% if 'ssh_auth' in user %}
 {% for auth in user['ssh_auth'] %}
@@ -167,18 +178,6 @@ ssh_auth_delete_{{ name }}_{{ loop.index0 }}:
 {% endfor %}
 {% endif %}
 
-{% if 'ssh_auth_file' in user %}
-{{ home }}/.ssh/authorized_keys:
-  file.managed:
-    - user: {{ name }}
-    - group: {{ name }}
-    - mode: 600
-    - contents: |
-        {% for auth in user.ssh_auth_file -%}
-        {{ auth }}
-        {% endfor -%}
-{% endif %}
-
 {% if 'sudouser' in user and user['sudouser'] %}
 
 sudoer-{{ name }}: