mirror of
https://github.com/saltstack-formulas/openssh-formula.git
synced 2024-11-28 03:28:09 +01:00
1be0d8725a
The `config_get_lookup` and `config_get` sources lack flexibility. It's not easy to query several pillars and/or grains keys with the actual system. And the query method is forced to `config.get` without being configurable by the user. We define a mechanism to select `map.jinja` sources with similar notation as the salt targeting system. The `map.jinja` file uses several sources where to lookup parameter values. The list of sources can be modified by two files: 1. a global salt://parameters/map_jinja.yaml 2. a per formula salt://{{ tplroot }}/parameters/map_jinja.yaml. Each source definition has the form `<TYPE>:<OPTION>@<KEY>` where `<TYPE>` can be one of: - `Y` to load values from YAML files, this is the default when no type is defined - `C` to lookup values with `config.get` - `G` to lookup values with `grains.get` - `I` to lookup values with `pillar.get` The YAML type option can define the query method to lookup the key value to build the file name: - `C` to query with `config.get`, this is the default when to query method is defined - `G` to query with `grains.get` - `I` to query with `pillar.get` The `C`, `G` or `I` types can define the `SUB` option to store values in the sub key `mapdata.<key>` instead of directly in `mapdata`. Finally, the `<KEY>` describe what to lookup to either build the YAML filename or gather values using one of the query method. BREAKING CHANGE: the configuration `map_jinja:sources` is only configurable with `salt://parameters/map_jinja.yaml` and `salt://{{ tplroot }}/parameters/map_jinja.yaml` BREAKING CHANGE: the `map_jinja:config_get_roots` is replaced by compound like `map_jinja:sources` BREAKING CHANGE: the two `config_get_lookup` and `config_get` are replaced by `C@<tplroot>:lookup` and `C@<tplroot>` sources
35 lines
1018 B
YAML
35 lines
1018 B
YAML
# -*- coding: utf-8 -*-
|
|
# vim: ft=yaml
|
|
---
|
|
values:
|
|
openssh:
|
|
sshd_enable: true
|
|
sshd_binary: /usr/sbin/sshd
|
|
sshd_config: /etc/ssh/sshd_config
|
|
sshd_config_src: sshd_config # Default TOFS source filename
|
|
sshd_config_user: root
|
|
sshd_config_group: root
|
|
sshd_config_mode: '644'
|
|
sshd_config_backup: true
|
|
ssh_config: /etc/ssh/ssh_config
|
|
ssh_config_src: ssh_config # Default TOFS source filename
|
|
ssh_config_user: root
|
|
ssh_config_group: root
|
|
ssh_config_mode: '644'
|
|
ssh_config_backup: true
|
|
banner: /etc/ssh/banner
|
|
banner_src: banner # Default TOFS source filename
|
|
ssh_known_hosts: /etc/ssh/ssh_known_hosts
|
|
ssh_known_hosts_src: ssh_known_hosts # Default TOFS source filename
|
|
dig_pkg: dnsutils
|
|
ssh_moduli: /etc/ssh/moduli
|
|
root_group: root
|
|
# Prevent merge of array; always override values
|
|
host_key_algos: ecdsa,ed25519,rsa
|
|
# To manage/remove DSA:
|
|
# host_key_algos: dsa,ecdsa,ed25519,rsa
|
|
|
|
sshd_config: {}
|
|
ssh_config: {}
|
|
...
|