updated ssh state

states/ssh/config.sls

@@ -2,7 +2,7 @@
 ssh-ssh-config:
   file.managed:
     - name: /etc/ssh/ssh_config
-    - source: salt://ssh/ssh_config.j2
+    - source: salt://ssh/templates/ssh_config.j2
     - template: jinja
     - user: root
     - mode: 0644
@@ -10,7 +10,7 @@ ssh-ssh-config:
 ssh-sshd-config:
   file.managed:
     - name: /etc/ssh/sshd_config
-    - source: salt://ssh/sshd_config.j2
+    - source: salt://ssh/templates/sshd_config.j2
     - template: jinja
     - user: root
     - mode: 0644

states/ssh/map.jinja

@@ -3,3 +3,5 @@
 {%- set defaults = salt['grains.filter_by'](default_settings, default='ssh') -%}
 
 {%- set ssh = salt['pillar.get']('ssh', default=defaults, merge=True) %}
+
+{%- set net = salt['pillar.get']('net', default=defaults, merge=True) -%}

states/ssh/sshd_config.j2

@@ -1,21 +0,0 @@
-## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
-
-{%- from "ssh/map.jinja" import ssh with context %}
-
-{%- set net4=[] %}
-{%- for key, value in salt['pillar.get']('net:ipv4_networks').items() -%}
-{%- do net4.append( value.ip + "/" + value.mask ) -%}
-{%- endfor -%}
-
-{%- set net6=[] -%}
-{%- for key, value in salt['pillar.get']('net:ipv6_networks').items() -%}
-{%- do net6.append( value.ip + "/" + value.mask ) -%}
-{%- endfor -%}
-
-{%- for key, value in ssh.sshd_config.items() %}
-{{ key }} {{ value }}
-{%- endfor %}
-Match Address {{ net4|join(',') }}
- PasswordAuthentication yes
-Match Address {{ net6|join(',') }}
- PasswordAuthentication yes

states/ssh/templates/sshd_config.j2

@@ -0,0 +1,13 @@
+## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
+
+{%- from "ssh/map.jinja" import ssh with context %}
+
+{%- for key, value in ssh.sshd_config.items() %}
+{{ key }} {{ value }}
+{%- endfor %}
+
+Match Address {{ salt['pillar.get']('net:ip_networks')|join(',') }}
+  PasswordAuthentication yes
+
+Match Address {{ salt['pillar.get']('net:ip_networks')|join(',') }}
+  PasswordAuthentication yes