From 1f80412da83091d159f827aeddcad2866e87a76d Mon Sep 17 00:00:00 2001 From: Andrew Vant Date: Thu, 2 Apr 2015 13:01:30 -0400 Subject: [PATCH] Added option to source ssh public keys from files. --- pillar.example | 5 +++++ users/init.sls | 12 ++++++++++++ 2 files changed, 17 insertions(+) diff --git a/pillar.example b/pillar.example index f095548..7b4ae59 100644 --- a/pillar.example +++ b/pillar.example @@ -32,6 +32,11 @@ users: # with the given keys ssh_auth_file: - PUBLICKEY + # If you prefer to keep public keys as files rather + # than inline in pillar, this works. + ssh_auth_sources: + - salt://keys/buser.id_rsa.pub + google_auth: ssh: | SOMEGAUTHHASHVAL diff --git a/users/init.sls b/users/init.sls index 181d4a0..7adada4 100644 --- a/users/init.sls +++ b/users/init.sls @@ -166,6 +166,18 @@ ssh_auth_{{ name }}_{{ loop.index0 }}: {% endfor %} {% endif %} +{% if 'ssh_auth_sources' in user %} +{% for pubkey_file in user['ssh_auth_sources'] %} +ssh_auth_source_{{ name }}_{{ loop.index0 }}: + ssh_auth.present: + - user: {{ name }} + - source: {{ pubkey_file }} + - require: + - file: {{ name }}_user + - user: {{ name }}_user +{% endfor %} +{% endif %} + {% if 'ssh_auth.absent' in user %} {% for auth in user['ssh_auth.absent'] %} ssh_auth_delete_{{ name }}_{{ loop.index0 }}: