2014-01-04 03:32:05 +01:00
|
|
|
{% from "openssh/map.jinja" import openssh with context %}
|
|
|
|
|
|
|
|
|
|
include:
|
|
|
|
|
- openssh
|
|
|
|
|
|
|
|
|
|
sshd_config:
|
|
|
|
|
file.managed:
|
|
|
|
|
- name: {{ openssh.sshd_config }}
|
|
|
|
|
- source: {{ openssh.sshd_config_src }}
|
2014-01-09 13:57:00 +01:00
|
|
|
- template: jinja
|
|
|
|
|
- user: root
|
|
|
|
|
- mode: 644
|
2014-01-04 03:32:05 +01:00
|
|
|
- watch_in:
|
2014-01-09 13:54:49 +01:00
|
|
|
- service: openssh
|
2014-01-04 03:32:05 +01:00
|
|
|
|
2014-08-24 12:50:36 +02:00
|
|
|
{% for keyType in ['dsa', 'rsa'] %}
|
|
|
|
|
{% if salt['pillar.get']('openssh:provide_' ~ keyType ~ '_keys', False) %}
|
|
|
|
|
ssh_host_{{ keyType }}_key:
|
2014-03-17 23:17:04 +01:00
|
|
|
file.managed:
|
2014-08-24 12:50:36 +02:00
|
|
|
- name: /etc/ssh/ssh_host_{{ keyType }}_key
|
|
|
|
|
- contents_pillar: 'openssh:{{ keyType }}:private_key'
|
2014-03-17 23:17:04 +01:00
|
|
|
- user: root
|
|
|
|
|
- mode: 600
|
|
|
|
|
- require_in:
|
|
|
|
|
- service: {{ openssh.service }}
|
|
|
|
|
|
2014-08-24 12:50:36 +02:00
|
|
|
ssh_host_{{ keyType }}_key.pub:
|
2014-03-17 23:17:04 +01:00
|
|
|
file.managed:
|
2014-08-24 12:50:36 +02:00
|
|
|
- name: /etc/ssh/ssh_host_{{ keyType }}_key.pub
|
|
|
|
|
- contents_pillar: 'openssh:{{ keyType }}:public_key'
|
2014-03-17 23:17:04 +01:00
|
|
|
- user: root
|
|
|
|
|
- mode: 600
|
|
|
|
|
- require_in:
|
|
|
|
|
- service: {{ openssh.service }}
|
|
|
|
|
{% endif %}
|
2014-08-24 12:50:36 +02:00
|
|
|
{% endfor %}
|
