Added ability to provide pillar path for ssh_auth.
parent
23ede3ac67
commit
ff189c1613
|
@ -51,6 +51,9 @@ users:
|
||||||
# with the given keys
|
# with the given keys
|
||||||
ssh_auth_file:
|
ssh_auth_file:
|
||||||
- PUBLICKEY
|
- PUBLICKEY
|
||||||
|
# ... or you can pull them from a different pillar similar to ssh_keys_pillar
|
||||||
|
ssh_auth_pillar:
|
||||||
|
id_rsa: "ssh_keys"
|
||||||
# If you prefer to keep public keys as files rather
|
# If you prefer to keep public keys as files rather
|
||||||
# than inline in pillar, this works.
|
# than inline in pillar, this works.
|
||||||
ssh_auth_sources:
|
ssh_auth_sources:
|
||||||
|
|
|
@ -159,17 +159,24 @@ users_user_{{ name }}_public_key:
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if 'ssh_auth_file' in user %}
|
{% if 'ssh_auth_file' in user or 'ssh_auth_pillar' in user %}
|
||||||
users_authorized_keys_{{ name }}:
|
users_authorized_keys_{{ name }}:
|
||||||
file.managed:
|
file.managed:
|
||||||
- name: {{ home }}/.ssh/authorized_keys
|
- name: {{ home }}/.ssh/authorized_keys
|
||||||
- user: {{ name }}
|
- user: {{ name }}
|
||||||
- group: {{ name }}
|
- group: {{ name }}
|
||||||
- mode: 600
|
- mode: 600
|
||||||
|
{% if 'ssh_auth_file' in user %}
|
||||||
- contents: |
|
- contents: |
|
||||||
{% for auth in user.ssh_auth_file -%}
|
{% for auth in user.ssh_auth_file -%}
|
||||||
{{ auth }}
|
{{ auth }}
|
||||||
{% endfor -%}
|
{% endfor -%}
|
||||||
|
{% else %}
|
||||||
|
- contents: |
|
||||||
|
{%- for key_name, pillar_name in user['ssh_auth_pillar'].items() %}
|
||||||
|
{{ salt['pillar.get'](pillar_name + ':' + key_name + ':pubkey', '') }}
|
||||||
|
{%- endfor %}
|
||||||
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if 'ssh_auth' in user %}
|
{% if 'ssh_auth' in user %}
|
||||||
|
|
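Review bot: A user that sets both `ssh_auth_file` and `ssh_auth_pillar` ends up with only the inline keys, because the outer test is an `or` but the body then picks a single source with `{% if 'ssh_auth_file' in user %}` / `{% else %}`, so the pillar-sourced keys are dropped without any message. Rendering both loops under one `- contents: |` would make the two options additive and match what the widened condition implies. The new `pillar.get` call also defaults to `''`, and since `file.managed` owns the whole file, a mistyped pillar or key name writes blank lines and can leave `authorized_keys` with no usable key; assigning the lookup to a variable and emitting it only inside `{% if pubkey %}` (or failing the render when it is empty) would make that visible. If the referenced pillar is the same tree that `ssh_keys_pillar` reads, as the example comment suggests, every minion that needs the `pubkey` entry may also be served the private half, which is worth a comment in the pillar example about targeting.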