From b44c26cd13dd8d04f20afba0a7bdb09ad4507afd Mon Sep 17 00:00:00 2001
From: Seth House
Date: Mon, 17 Mar 2014 16:17:04 -0600
Subject: [PATCH] Moved the rsa/dsa key management to config.sls
---
 openssh/config.sls | 39 +++++++++++++++++++++++++++++++++++++++
 openssh/init.sls | 40 ----------------------------------------
 2 files changed, 39 insertions(+), 40 deletions(-)
diff --git a/openssh/config.sls b/openssh/config.sls
index 1a9e7a8..b16ab28 100644
--- a/openssh/config.sls
+++ b/openssh/config.sls
@@ -14,3 +14,42 @@ sshd_config:
 - watch_in:
 - service: openssh
+{% if salt['pillar.get']('openssh:provide_dsa_keys', False) %}
+ssh_host_dsa_key:
+ file.managed:
+ - name: /etc/ssh/ssh_host_dsa_key
+ - contents_pillar: 'openssh:dsa:private_key'
+ - user: root
+ - mode: 600
+ - require_in:
+ - service: {{ openssh.service }}
+
+ssh_host_dsa_key.pub:
+ file.managed:
+ - name: /etc/ssh/ssh_host_dsa_key.pub
+ - contents_pillar: 'openssh:dsa:public_key'
+ - user: root
+ - mode: 600
+ - require_in:
+ - service: {{ openssh.service }}
+{% endif %}
+
+{% if salt['pillar.get']('openssh:provide_rsa_keys', False) %}
+ssh_host_rsa_key:
+ file.managed:
+ - name: /etc/ssh/ssh_host_rsa_key
+ - contents_pillar: 'openssh:rsa:private_key'
+ - user: root
+ - mode: 600
+ - require_in:
+ - service: {{ openssh.service }}
+
+ssh_host_rsa_key.pub:
+ file.managed:
+ - name: /etc/ssh/ssh_host_rsa_key.pub
+ - contents_pillar: 'openssh:rsa:public_key'
+ - user: root
+ - mode: 600
+ - require_in:
+ - service: {{ openssh.service }}
+{% endif %}
diff --git a/openssh/init.sls b/openssh/init.sls
index 8727ed3..6d447fe 100644
--- a/openssh/init.sls
+++ b/openssh/init.sls
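Review bot: The two private-key states added to config.sls (`ssh_host_dsa_key`, `ssh_host_rsa_key`) write pillar-supplied key material with `file.managed` but do not suppress the content diff, so when an existing key file is replaced the old and new private host keys can appear in the state return, and from there in the master's job cache and any returner or log that stores results. Adding `- show_changes: False` (`- show_diff: False` on older Salt releases) to both private-key states keeps the key material out of that output. Separately, `require_in` only orders these files before the service, while `sshd_config` just above uses `watch_in`; if a replaced host key is meant to take effect without a manual restart, `watch_in` would probably be the matching choice. The new states also render `{{ openssh.service }}`, which assumes `openssh` is imported earlier in config.sls, outside this hunk.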
@@ -8,43 +8,3 @@ openssh:
 - name: {{ openssh.service }}
 - require:
 - pkg: {{ openssh.server }}
- {% if salt['pillar.get']('openssh:provide_dsa_keys', False) %}
- - file: /etc/ssh/ssh_host_dsa_key
- - file: /etc/ssh/ssh_host_dsa_key.pub
- {% endif %}
- {% if salt['pillar.get']('openssh:provide_rsa_keys', False) %}
- - file: /etc/ssh/ssh_host_rsa_key
- - file: /etc/ssh/ssh_host_rsa_key.pub
- {% endif %}
-
-{% if salt['pillar.get']('openssh:provide_dsa_keys', False) %}
-ssh_host_dsa_key:
- file.managed:
- - name: /etc/ssh/ssh_host_dsa_key
- - contents_pillar: 'openssh:dsa:private_key'
- - user: root
- - mode: 600
-
-ssh_host_dsa_key.pub:
- file.managed:
- - name: /etc/ssh/ssh_host_dsa_key.pub
- - contents_pillar: 'openssh:dsa:public_key'
- - user: root
- - mode: 600
-{% endif %}
-
-{% if salt['pillar.get']('openssh:provide_rsa_keys', False) %}
-ssh_host_rsa_key:
- file.managed:
- - name: /etc/ssh/ssh_host_rsa_key
- - contents_pillar: 'openssh:rsa:private_key'
- - user: root
- - mode: 600
-
-ssh_host_rsa_key.pub:
- file.managed:
- - name: /etc/ssh/ssh_host_rsa_key.pub
- - contents_pillar: 'openssh:rsa:public_key'
- - user: root
- - mode: 600
-{% endif %}