From ebe5198f9d6d9c4ca9dc423acf7b86f5ede8f1be Mon Sep 17 00:00:00 2001
From: madflojo
Date: Wed, 29 Jan 2014 19:53:09 -0700
Subject: [PATCH] Modified Private Keys and Sudoers

Changed Private keys to have content within pillar rather than the salt file repository. Changes sudoers entry to get values from pillar rather than assuming all sudo users want root.
---
 users/init.sls | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/users/init.sls b/users/init.sls
index b400981..4428f6b 100644
--- a/users/init.sls
+++ b/users/init.sls
@@ -76,14 +76,14 @@ user_keydir_{{ name }}:
 - group: {{ group }}
 {%- endfor %}
- {% if 'privkey' in user %}
+ {% if 'ssh_keys' in user %}
 user_{{ name }}_private_key:
 file.managed:
 - name: {{ user.get('home', '/home/{0}'.format(name)) }}/.ssh/id_rsa
 - user: {{ name }}
 - group: {{ user_group }}
 - mode: 600
- - source: salt://keys/{{ user['privkey'] }}
+ - contents: {{ user['ssh_keys']['privkey'] }}
 - require:
 - user: {{ name }}_user
 {% for group in user.get('groups', []) %}
@@ -95,7 +95,7 @@ user_{{ name }}_public_key:
 - user: {{ name }}
 - group: {{ name }}
 - mode: 644
- - source: salt://keys/{{ user['privkey'] }}.pub
+ - contents: {{ user['ssh_keys']['pubkey'] }}
 - require:
 - user: {{ name }}_user
 {% for group in user.get('groups', []) %}
@@ -127,7 +127,9 @@ sudoer-{{ name }}:
 /etc/sudoers.d/{{ name }}:
 file.append:
 - text:
- - "{{ name }} ALL=(ALL) NOPASSWD: ALL"
+ {% for rule in user.get('sudo_rules', []) %}
+ - {{ rule }}
+ {% endfor %}
 - require:
 - file: sudoer-defaults
 - file: sudoer-{{ name }}
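Review bot: In the `user_{{ name }}_private_key` hunk, `- contents: {{ user['ssh_keys']['privkey'] }}` renders the private key into the SLS text, so a normal multi-line PEM key is likely to break YAML parsing as a plain scalar, and the key material ends up in the rendered state data. `file.managed` can read the value straight from pillar instead, e.g. `- contents_pillar: <pillar path to this user>:ssh_keys:privkey` (placeholder, since the pillar layout is defined outside this hunk); the same applies to the `pubkey` line in the `user_{{ name }}_public_key` hunk. Adding `- show_changes: False` (`show_diff` on older Salt releases) to the private-key state keeps the key out of the diff output in job returns. The `{% if 'ssh_keys' in user %}` guard also does not check that `privkey` and `pubkey` are both present, and its closing `endif` is outside the hunk.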
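Review bot: In the `/etc/sudoers.d/{{ name }}` hunk the state is still `file.append`, which only adds lines, so a host that already received the old `{{ name }} ALL=(ALL) NOPASSWD: ALL` entry appears to keep it after this change; the blanket rule needs an explicit removal, or the file should be managed as a whole. The new `- {{ rule }}` is also unquoted, so a rule containing `NOPASSWD: ALL` is parsed by YAML as a mapping rather than a string; `- "{{ rule }}"` restores what the removed line did. Rules are written verbatim with no check that they name this user or parse as sudoers syntax, so a `visudo -c` validation step is worth adding. The `sudoer-{{ name }}` state starts above the hunk and the require list continues below it.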