39 lines
1.3 KiB
Plaintext
39 lines
1.3 KiB
Plaintext
{% if grains['kernel'] == 'Linux' %}
|
|
{% set KEY_NAME = 'secure_ssh_tunnel' %}
|
|
{% set ANS_REMOTE_USER = salt['grains.get'](ANS_REMOTE_USER) %}
|
|
{% set ANS_REMOTE_PORT = salt['grains.get'](ANS_REMOTE_PORT) %}
|
|
{% set ANS_ADDR_TARGET = salt['grains.get'](ANS_ADDR_TARGET) %}
|
|
{% set ANS_PORT_TARGET = salt['grains.get'](ANS_PORT_TARGET) %}
|
|
{% set ANS_TARGET_USER = salt['grains.get'](ANS_TARGET_USER) %}
|
|
|
|
'generate_ssh_key_{{ANS_REMOTE_USER}}':
|
|
cmd.run:
|
|
- name: ssh-keygen -q -N '' -f /home/{{ANS_REMOTE_USER}}/.ssh/{{KEY_NAME}}
|
|
- runas: {{ANS_REMOTE_USER}}
|
|
- unless: test -f /home/{{ANS_REMOTE_USER}}/.ssh/{{KEY_NAME}}
|
|
|
|
'secure_tunnel_systemd_file':
|
|
file.managed:
|
|
- source: salt://templates/secure-tunnel.service
|
|
- name: /etc/systemd/system/secure-tunnel.service
|
|
- user: root
|
|
- group: root
|
|
- template: jinja
|
|
- defaults:
|
|
ANS_ADDR_TARGET: {{ANS_ADDR_TARGET}}
|
|
|
|
'secure_tunnel_default_file':
|
|
file.managed:
|
|
- source: salt://templates/secure-tunnel.dft
|
|
- name: /etc/default/secure-tunnel
|
|
- user: root
|
|
- group: root
|
|
- template: jinja
|
|
- defaults:
|
|
ANS_ADDR_TARGET: {{ANS_ADDR_TARGET}}
|
|
ANS_REMOTE_PORT: {{ANS_REMOTE_PORT}}
|
|
ANS_PORT_TARGET: {{ANS_PORT_TARGET}}
|
|
ANS_REMOTE_USER: {{ANS_REMOTE_USER}}
|
|
ANS_TARGET_USER: {{ANS_TARGET_USER}}
|
|
|
|
{% endif %} |