diff --git a/pillar.example b/pillar.example
index b11aaf4..14e25e8 100644
--- a/pillar.example
+++ b/pillar.example
@@ -73,6 +73,8 @@ users:
 # than inline in pillar, this works.
 ssh_auth_sources:
 - salt://keys/buser.id_rsa.pub
+ ssh_auth_sources.absent:
+ - salt://keys/deleteduser.id_rsa.pub # PUBLICKEY_FILE_TO_BE_REMOVED
 # Manage the ~/.ssh/config file
 ssh_known_hosts:
 importanthost:
diff --git a/users/init.sls b/users/init.sls
index a4f6cba..152e859 100644
--- a/users/init.sls
+++ b/users/init.sls
@@ -278,6 +278,18 @@ users_ssh_auth_source_{{ name }}_{{ loop.index0 }}:
 {% endfor %}
 {% endif %}
 
+{% if 'ssh_auth_sources.absent' in user %}
+{% for pubkey_file in user['ssh_auth_sources.absent'] %}
+users_ssh_auth_source_{{ name }}_{{ loop.index0 }}:
+ ssh_auth.absent:
+ - user: {{ name }}
+ - source: {{ pubkey_file }}
+ - require:
+ - file: users_{{ name }}_user
+ - user: users_{{ name }}_user
+{% endfor %}
+{% endif %}
+
 {% if 'ssh_auth.absent' in user %}
 {% for auth in user['ssh_auth.absent'] %}
 users_ssh_auth_delete_{{ name }}_{{ loop.index0 }}:
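Review bot: The state ID `users_ssh_auth_source_{{ name }}_{{ loop.index0 }}` used in the added `ssh_auth_sources.absent` loop of users/init.sls is the same ID the hunk header shows for the existing `ssh_auth_sources` state just above it. A user with both keys set, as the pillar.example change in this commit does, therefore gets two states with the same ID at index 0. Presumably this either fails rendering or lets one state replace the other; in the second case a public key meant to be revoked could stay in the user's authorized_keys. Give the removal state its own ID, for example `users_ssh_auth_source_delete_{{ name }}_{{ loop.index0 }}:`, in line with the `users_ssh_auth_delete_` naming of the block that follows. The enclosing per-user loop starts outside the hunk.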