Merge "Use new image for kitchen tests"
diff --git a/Makefile b/Makefile
index 7747ec1..d166862 100644
--- a/Makefile
+++ b/Makefile
@@ -34,7 +34,6 @@
@echo "make release-major - Generate new major release"
@echo "make release-minor - Generate new minor release"
@echo "make changelog - Show changes since last release"
- @echo "make test-model-validate - Run salt jsonschema validation"
install:
# Formula
@@ -53,10 +52,6 @@
test:
[ ! -d tests ] || (cd tests; ./run_tests.sh)
-test-model-validate:
- # TODO make it actually fail
- [ ! -d $(FORMULANAME)/schemas/ ] || (cd tests; ./run_tests.sh model-validate)
-
release-major: check-changes
@echo "Current version is $(VERSION), new version is $(NEW_MAJOR_VERSION)"
@[ $(VERSION_MAJOR) != $(NEW_MAJOR_VERSION) ] || (echo "Major version $(NEW_MAJOR_VERSION) already released, nothing to do. Do you want release-minor?" && exit 1)
@@ -74,7 +69,7 @@
[ ! -f debian/changelog ] || dch -v $(VERSION_MAJOR).$(NEW_MINOR_VERSION) -m --force-distribution -D `dpkg-parsechangelog -S Distribution` "New version"
make genchangelog-$(VERSION_MAJOR).$(NEW_MINOR_VERSION)
(git add -u; git commit -m "Version $(VERSION_MAJOR).$(NEW_MINOR_VERSION)")
- git tag -s -m $(NEW_MAJOR_VERSION) $(VERSION_MAJOR).$(NEW_MINOR_VERSION)
+ git tag -s -m $(VERSION_MAJOR).$(NEW_MINOR_VERSION) $(VERSION_MAJOR).$(NEW_MINOR_VERSION)
check-changes:
@git log --pretty=oneline --decorate $(VERSION)..HEAD | grep -Eqc '.*' || (echo "No new changes since version $(VERSION)"; exit 1)
diff --git a/openssh/client/service.sls b/openssh/client/service.sls
index 276adf6..8a5f9ac 100644
--- a/openssh/client/service.sls
+++ b/openssh/client/service.sls
@@ -42,6 +42,8 @@
- name: {{ user.user.home }}/.ssh/config
- user: {{ user.user.name }}
- source: salt://openssh/files/ssh_config
+ - context:
+ user_name: {{ user_name }}
- mode: 600
- template: jinja
- require:
diff --git a/openssh/files/ssh_config b/openssh/files/ssh_config
index 84c4482..104214f 100644
--- a/openssh/files/ssh_config
+++ b/openssh/files/ssh_config
@@ -1,29 +1,71 @@
-{%- from "openssh/map.jinja" import client with context %}
+{%- from "openssh/map.jinja" import client with context -%}
{%- from "linux/map.jinja" import network with context %}
-Host *
+{%- set global_config = {
+ 'send_env': 'LANG LC_*',
+ 'hash_known_hosts': True,
+ 'gssapi_authentication': False,
+ 'gssapi_delegate_credentials': False,
+ 'pubkey_authentication': True,
+ 'forward_agent': False,
+ } %}
- SendEnv {% if client.send_env is defined %}{{ client.send_env }}{% else %}LANG LC_*{% endif %}
- HashKnownHosts {% if client.get('hash_known_hosts', True) %}yes{% else %}no{% endif %}
- GSSAPIAuthentication {% if client.get('gssapi_authentication', False) %}yes{% else %}no{% endif %}
- GSSAPIDelegateCredentials {% if client.get('gssapi_delegate_credentials', False) %}yes{% else %}no{% endif %}
- PubkeyAuthentication {% if client.get('pubkey_authentication', True) %}yes{% else %}no{% endif %}
- ForwardAgent {% if client.get('forward_agent', False) %}yes{% else %}no{% endif %}
+{%- macro host_config(pattern, cfg) %}
+Host {{ pattern }}
- {%- if client.global_known_hosts is defined %}
- GlobalKnownHostsFile {{ client.global_known_hosts }}
+ {%- if cfg.send_env is defined %}
+ SendEnv {{ cfg.send_env }}
{%- endif %}
-
- {%- if client.proxy_command is defined %}
- ProxyCommand {{ client.proxy_command }}
+ {%- if cfg.hash_known_hosts is defined %}
+ HashKnownHosts {% if cfg.hash_known_hosts %}yes{% else %}no{% endif %}
+ {%- endif %}
+ {%- if cfg.gssapi_authentication is defined %}
+ GSSAPIAuthentication {% if cfg.gssapi_authentication %}yes{% else %}no{% endif %}
+ {%- endif %}
+ {%- if cfg.gssapi_delegate_credentials is defined %}
+ GSSAPIDelegateCredentials {% if cfg.gssapi_delegate_credentials %}yes{% else %}no{% endif %}
+ {%- endif %}
+ {%- if cfg.pubkey_authentication is defined %}
+ PubkeyAuthentication {% if cfg.pubkey_authentication %}yes{% else %}no{% endif %}
+ {%- endif %}
+ {%- if cfg.forward_agent is defined %}
+ ForwardAgent {% if cfg.forward_agent %}yes{% else %}no{% endif %}
+ {%- endif %}
+ {%- if cfg.global_known_hosts is defined %}
+ GlobalKnownHostsFile {{ cfg.global_known_hosts }}
+ {%- endif %}
+ {%- if cfg.proxy_command is defined %}
+ ProxyCommand {{ cfg.proxy_command }}
{%- elif network.proxy.host != 'none' and not network.proxy.get("pkg_only", true) %}
ProxyCommand connect -H {{ network.proxy.host }}:{{ network.proxy.port }} %h %p
{%- endif %}
- {% if client.stricthostkeychecking is not defined %}{% else %}StrictHostKeyChecking no{% endif %}
- {%- if client.get('alive', {'interval': None}).interval is number %}
- ServerAliveInterval {{ client.alive.interval }}
- {% endif %}
- {%- if client.get('alive', {'count': None}).count is number %}
- ServerAliveCountMax {{ client.alive.count }}
- {% endif %}
+ {%- if cfg.stricthostkeychecking is defined %}
+ StrictHostKeyChecking {% if cfg.stricthostkeychecking %}yes{% else %}no{% endif %}
+ {%- endif %}
+ {%- if cfg.userknownhostsfile is defined %}
+ UserKnownHostsFile {{ cfg.userknownhostsfile }}
+ {%- endif %}
+ {%- if cfg.get('alive', {'interval': None}).interval is number %}
+ ServerAliveInterval {{ cfg.alive.interval }}
+ {%- endif %}
+ {%- if cfg.get('alive', {'count': None}).count is number %}
+ ServerAliveCountMax {{ cfg.alive.count }}
+ {%- endif %}
+ {%- if cfg.port is defined %}
+ Port {{ cfg.port }}
+ {%- endif %}
+ {%- if cfg.identityfile is defined %}
+ IdentityFile {{ cfg.identityfile }}
+ {%- endif %}
+{%- endmacro %}
+{%- if user_name is not defined %}
+{%- do global_config.update(client) %}
+{{ host_config('*', global_config) }}
+{%- else %}
+ {%- for name, user in client.user.iteritems() %}{% if name == user_name %}
+ {% for pattern, config in user.get('config', {}).iteritems() %}
+{{ host_config(pattern, config) }}
+ {% endfor %}
+ {%- endif %}{%- endfor %}
+{%- endif %}