updated ssh state
This commit is contained in:
parent
33cf48ce01
commit
866f0a7015
@ -2,7 +2,7 @@
|
|||||||
ssh-ssh-config:
|
ssh-ssh-config:
|
||||||
file.managed:
|
file.managed:
|
||||||
- name: /etc/ssh/ssh_config
|
- name: /etc/ssh/ssh_config
|
||||||
- source: salt://ssh/ssh_config.j2
|
- source: salt://ssh/templates/ssh_config.j2
|
||||||
- template: jinja
|
- template: jinja
|
||||||
- user: root
|
- user: root
|
||||||
- mode: 0644
|
- mode: 0644
|
||||||
@ -10,7 +10,7 @@ ssh-ssh-config:
|
|||||||
ssh-sshd-config:
|
ssh-sshd-config:
|
||||||
file.managed:
|
file.managed:
|
||||||
- name: /etc/ssh/sshd_config
|
- name: /etc/ssh/sshd_config
|
||||||
- source: salt://ssh/sshd_config.j2
|
- source: salt://ssh/templates/sshd_config.j2
|
||||||
- template: jinja
|
- template: jinja
|
||||||
- user: root
|
- user: root
|
||||||
- mode: 0644
|
- mode: 0644
|
||||||
|
@ -2,4 +2,6 @@
|
|||||||
|
|
||||||
{%- set defaults = salt['grains.filter_by'](default_settings, default='ssh') -%}
|
{%- set defaults = salt['grains.filter_by'](default_settings, default='ssh') -%}
|
||||||
|
|
||||||
{%- set ssh = salt['pillar.get']('ssh', default=defaults, merge=True) %}
|
{%- set ssh = salt['pillar.get']('ssh', default=defaults, merge=True) %}
|
||||||
|
|
||||||
|
{%- set net = salt['pillar.get']('net', default=defaults, merge=True) -%}
|
||||||
|
@ -1,21 +0,0 @@
|
|||||||
## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
|
|
||||||
|
|
||||||
{%- from "ssh/map.jinja" import ssh with context %}
|
|
||||||
|
|
||||||
{%- set net4=[] %}
|
|
||||||
{%- for key, value in salt['pillar.get']('net:ipv4_networks').items() -%}
|
|
||||||
{%- do net4.append( value.ip + "/" + value.mask ) -%}
|
|
||||||
{%- endfor -%}
|
|
||||||
|
|
||||||
{%- set net6=[] -%}
|
|
||||||
{%- for key, value in salt['pillar.get']('net:ipv6_networks').items() -%}
|
|
||||||
{%- do net6.append( value.ip + "/" + value.mask ) -%}
|
|
||||||
{%- endfor -%}
|
|
||||||
|
|
||||||
{%- for key, value in ssh.sshd_config.items() %}
|
|
||||||
{{ key }} {{ value }}
|
|
||||||
{%- endfor %}
|
|
||||||
Match Address {{ net4|join(',') }}
|
|
||||||
PasswordAuthentication yes
|
|
||||||
Match Address {{ net6|join(',') }}
|
|
||||||
PasswordAuthentication yes
|
|
@ -4,4 +4,4 @@
|
|||||||
|
|
||||||
{%- for key, value in ssh.ssh_config.items() %}
|
{%- for key, value in ssh.ssh_config.items() %}
|
||||||
{{ key }} {{ value }}
|
{{ key }} {{ value }}
|
||||||
{%- endfor %}
|
{%- endfor %}
|
13
states/ssh/templates/sshd_config.j2
Normal file
13
states/ssh/templates/sshd_config.j2
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
|
||||||
|
|
||||||
|
{%- from "ssh/map.jinja" import ssh with context %}
|
||||||
|
|
||||||
|
{%- for key, value in ssh.sshd_config.items() %}
|
||||||
|
{{ key }} {{ value }}
|
||||||
|
{%- endfor %}
|
||||||
|
|
||||||
|
Match Address {{ salt['pillar.get']('net:ip_networks')|join(',') }}
|
||||||
|
PasswordAuthentication yes
|
||||||
|
|
||||||
|
Match Address {{ salt['pillar.get']('net:ip_networks')|join(',') }}
|
||||||
|
PasswordAuthentication yes
|
Loading…
Reference in New Issue
Block a user