Add 'ssh_auth_file' pillar key to generate an authorized_keys file from given ssh public keys.

2015-02-12 23:09:56 +01:00 · 2015-02-12 23:09:56 +01:00 · fdc2fc2dfc
commit fdc2fc2dfc
parent e39a9537ba
2 changed files with 16 additions and 0 deletions
--- a/pillar.example
+++ b/pillar.example
@ -28,6 +28,10 @@ users:
      - PUBLICKEY
    ssh_auth.absent:
      - PUBLICKEY_TO_BE_REMOVED
+    # Generates an authorized_keys file for the user
+    # with the given keys
+    ssh_auth_file:
+      - PUBLICKEY
    google_auth:
      ssh: |
        SOMEGAUTHHASHVAL
--- a/users/init.sls
+++ b/users/init.sls
@ -167,6 +167,18 @@ ssh_auth_delete_{{ name }}_{{ loop.index0 }}:
 {% endfor %}
 {% endif %}

+{% if 'ssh_auth_file' in user %}
+{{ home }}/.ssh/authorized_keys:
+  file.managed:
+    - user: {{ name }}
+    - group: {{ name }}
+    - mode: 600
+    - contents: |
+        {% for auth in user.ssh_auth_file -%}
+        {{ auth }}
+        {% endfor -%}
+{% endif %}
+
 {% if 'sudouser' in user and user['sudouser'] %}

 sudoer-{{ name }}: