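{%- from "openssh/map.jinja" import client with context %}
{#-
  Manages per-user SSH known_hosts files for the OpenSSH client.

  User definitions are read from client.user and extended with the optional
  <pillar key>/meta/openssh.yml fragment of every top-level pillar key.
  Each declared host becomes one ssh_known_hosts.present state.
#}
{%- if client.enabled %}
include:
  - openssh.client.service
{%- set _users = client.get('user', {}) %}
{#-
  Fragments are merged with dict.update(), so a fragment rendered later
  replaces an earlier user entry that has the same key. Every fragment found
  here can add or replace pinned hosts, which makes these files part of the
  host-key trust configuration; review them like the pillar itself.
#}
{%- for service_name, service in pillar.items() %}
{%- set support_fragment_file = service_name+'/meta/openssh.yml' %}
{%- macro load_support_file() %}{% include support_fragment_file ignore missing %}{% endmacro %}
{%- set support_yaml = load_support_file()|load_yaml %}
{%- if support_yaml and support_yaml.get('user', {}) %}
{%- do _users.update(support_yaml.get('user', {})) %}
{%- endif %}
{%- endfor %}
{#-
  items() is used instead of iteritems(): iteritems() exists only on Python 2
  dicts and fails when the renderer runs on Python 3. This also matches the
  pillar loop above.
#}
{%- for _user_key, user in _users.items() %}
{%- if user.get('purge_undefined', False) %}
{#-
  purge_undefined: each run moves the current known_hosts to a timestamped
  backup and creates an empty file, so only the hosts declared below remain.
  The paths are single-quoted for the shell so that a home directory with
  spaces or glob characters is neither split nor expanded (a path containing
  a single quote would still break the command).
  NOTE(review): the ssh_known_hosts states below carry no requisite on these
  two states; they appear to rely on Salt's in-file ordering - confirm.
#}
{%- set known_hosts_path = user.user.home ~ '/.ssh/known_hosts' %}
{{ user.user.name }}_remove_old_known_hosts_file:
  cmd.run:
    - name: "if [ -e '{{ known_hosts_path }}' ]; then mv '{{ known_hosts_path }}' '{{ known_hosts_path }}_'$(date +%F_%H-%M-%S); fi"
    - require:
      - file: {{ user.user.home }}/.ssh
{{ user.user.name }}_create_empty_known_hosts_file:
  file.touch:
    - name: {{ known_hosts_path }}
{%- endif %}
{%- for host in user.get('known_hosts', []) %}
{#- loop.index keeps state IDs unique when the same host is listed twice. #}
{%- if host.port is defined %}
{{ user.user.name }}_known_hosts_{{ host.name }}_{{ host.port }}-{{ loop.index }}:
{%- else %}
{{ user.user.name }}_known_hosts_{{ host.name }}-{{ loop.index }}:
{%- endif %}
  ssh_known_hosts.present:
    - user: {{ user.user.name }}
    {#- String values are quoted so YAML cannot retype them: a bracketed host
        name would parse as a flow sequence, and a colon-separated all-digit
        fingerprint can be read as a number by YAML 1.1 loaders. #}
    - name: "{{ host.name }}"
    - enc: {{ host.get('type', 'ecdsa') }}
{#-
  Host-key pinning. When an entry supplies neither fingerprint nor
  host_public_key, nothing in this state verifies the key: it has to be
  learned from the host over the network at apply time (trust on first use).
  Prefer entries that carry a key or fingerprint obtained out of band.
  NOTE(review): Salt documents key and fingerprint as alternatives - confirm
  what the deployed release does when an entry supplies both.
  NOTE(review): the default fingerprint hash has differed between Salt
  releases (md5 vs sha256); set fingerprint_hash_type explicitly - confirm
  the default for the deployed version.
#}
{%- if host.fingerprint is defined %}
    - fingerprint: "{{ host.fingerprint }}"
{%- if host.fingerprint_hash_type is defined %}
    - fingerprint_hash_type: {{ host.fingerprint_hash_type }}
{%- endif %}
{%- endif %}
{%- if host.host_public_key is defined %}
    - key: "{{ host.host_public_key }}"
{%- endif %}
{%- if host.port is defined %}
    - port: {{ host.port }}
{%- endif %}
{#- With the noservices grain set, the always-false onlyif skips the state. #}
{%- if grains.get('noservices') %}
    - onlyif: /bin/false
{%- endif %}
{#-
  Both requisites name states that are not defined in this file; presumably
  they come from the included openssh.client.service - confirm.
#}
    - require:
      - pkg: openssh_client_packages
      - file: {{ user.user.home }}/.ssh
{%- endfor %}
{%- endfor %}
{%- endif %}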