Fixed aliasing of host names

2025-04-19 20:02:10 +02:00 · 2018-05-01 22:35:47 +02:00 · 2018-05-01 22:35:47 +02:00 · 66fd619a1a
commit 66fd619a1a
parent 1a70a129d5
3 changed files with 20 additions and 7 deletions
--- a/README.rst
+++ b/README.rst
@ -87,7 +87,7 @@ setup those functions through pillar::
        mine_function: cmd.run
        cmd: cat /etc/ssh/ssh_host_*_key.pub
        python_shell: True
-      public_ssh_hostname:
+      public_ssh_host_names:
        mine_function: grains.get
        key: id

@ -132,6 +132,16 @@ The state tries to fetch the SSH host keys via ``salt-ssh``. It calls the comman
        salt_ssh:
          user: salt-master

+It's possible to define aliases for certain hosts::
+
+    openssh:
+      known_hosts:
+        salt_ssh:
+          public_ssh_host_names:
+            minion.id:
+              - minion.id
+              - alias.of.minion.id
+
 You can use a cronjob to populate a host key cache::

    # crontab -e -u salt-master
--- a/_pillar/known_hosts_salt_ssh.sls
+++ b/_pillar/known_hosts_salt_ssh.sls
@ -1,12 +1,13 @@
 #!py

-import logging as log
+import logging
 import os.path
 import re
 import subprocess

 cache = {}
 ssh_key_pattern = re.compile("^[^ ]+ (ssh-.+)$")
+log = logging.getLogger(__name__)

 def config_dir():
    if '__master_opts__' in __opts__:
@ -103,11 +104,11 @@ def host_keys(minion_id):
 def run():
    config = {
        'public_ssh_host_keys': {},
-        'public_ssh_hostname': {}
+        'public_ssh_host_names': {}
    }
    for minion in minions().keys():
-        config['public_ssh_hostname'][minion] = minion
        config['public_ssh_host_keys'][minion] = host_keys(minion)
+        config['public_ssh_host_names'][minion] = minion
    return {'openssh': {'known_hosts': {'salt_ssh': config}}}

 # vim: ts=4:sw=4:syntax=python
--- a/openssh/files/ssh_known_hosts
+++ b/openssh/files/ssh_known_hosts
@ -11,7 +11,8 @@

 {#-   The host names to use are to be found within the dict 'host_names'. #}
 {#-   If there are none, the host is used directly. #}
-{%-   set names = [host_names.get(host, host)] -%}
+{%-   set names = host_names.get(host, host) -%}
+{%-   set names = [names] if names is string else names %}

 {#-   Extract the hostname from the FQDN and add it to the names. #}
 {%-   if use_hostnames is iterable -%}
@ -76,12 +77,13 @@
 {%      do host_keys.update({minion_id: minion_host_keys}) %}
 {%-   endif -%}
 {%- endfor -%}
-{%- for minion_id, minion_host_name in salt['pillar.get'](
+{%- for minion_id, minion_host_names in salt['pillar.get'](
  'openssh:known_hosts:salt_ssh:public_ssh_host_names',
  {}
 ).items() -%}
+{{ minion_host_names }}
 {%-   if salt["match.{}".format(tgt_type)](target, minion_id=minion_id) -%}
-{%      do host_names.update({minion_id: minion_host_name}) %}
+{%      do host_names.update({minion_id: minion_host_names}) %}
 {%-   endif -%}
 {%- endfor %}