Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F3923187
D1187.id3038.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
69 KB
Referenced Files
None
Subscribers
None
D1187.id3038.diff
View Options
diff --git a/GIDs b/GIDs
--- a/GIDs
+++ b/GIDs
@@ -1,6 +1,9 @@
827 chaton-dev
828 deployment
829 nasqueron-irc
+3001 ops
+#3002 is intentionally left unassigned
+3003 deployment
9001 salt
9002 deploy
9003 web
diff --git a/_modules/forest.py b/_modules/forest.py
new file mode 100644
--- /dev/null
+++ b/_modules/forest.py
@@ -0,0 +1,105 @@
+# -*- coding: utf-8 -*-
+
+# -------------------------------------------------------------
+# Salt — Forest execution module
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-10-11
+# Description: Functions related to forests
+# License: BSD-2-Clause
+# -------------------------------------------------------------
+
+
+def exists(forest):
+ '''
+ A function to check if a forest exists.
+
+ CLI Example::
+
+ salt '*' forest.exists eglide
+ '''
+ return forest in __pillar__.get('forests', [])
+
+
+def get():
+ '''
+ A function to get the forest of the current minion
+
+ CLI Example::
+
+ salt '*' forest.get
+ '''
+ nodes = __pillar__.get('nodes')
+ minion = __grains__['id']
+ return nodes[minion]['forest']
+
+
+def list_groups(forest=None):
+ '''
+ A function to list groups for a forest.
+
+ CLI Example::
+
+ salt '*' forest.list_groups
+ '''
+ if forest is None:
+ forest = get()
+
+ groups = __pillar__.get('shellgroups_ubiquity', [])
+
+ groupsByForest = __pillar__.get('shellgroups_by_forest', {})
+ if forest in groupsByForest:
+ groups.extend(groupsByForest[forest])
+
+ return groups
+
+
+def get_groups(forest=None):
+ '''
+ A function to get groups for a forest as a dictionary,
+ including the group properties.
+
+ CLI Example::
+
+ salt '*' forest.get_groups
+ '''
+ groups = {}
+
+ for groupname in list_groups(forest):
+ groups[groupname] = __pillar__['shellgroups'][groupname]
+
+ return groups
+
+
+def list_users(forest=None):
+ '''
+ A function to list groups for a forest.
+
+ CLI Example::
+
+ salt '*' forest.list_users
+ '''
+ users = []
+
+ for group in get_groups(forest).values():
+ if "members" in group:
+ users.extend(group['members'])
+
+ return list(set(users))
+
+
+def get_users(forest=None):
+ '''
+ A function to get users for a forest as a dictionary,
+ including the users properties.
+
+ CLI Example::
+
+ salt '*' forest.get_users
+ '''
+ users = {}
+
+ for username in list_users(forest):
+ users[username] = __pillar__['shellusers'][username]
+
+ return users
diff --git a/pillar/core/groups.sls b/pillar/core/groups.sls
new file mode 100644
--- /dev/null
+++ b/pillar/core/groups.sls
@@ -0,0 +1,90 @@
+# -------------------------------------------------------------
+# Salt — Users accounts list
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-11-09
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Users groups
+#
+# These groups will be deployed on each servers if included in
+# shellgroups_ubiquity or in some servers forests if included
+# in the state shellgroups_by_forest.
+#
+# As for users, the mere fact to add a group here is a no-op.
+# These mapping are defined in the forests.sls pillar file.
+#
+# Sort the groups by GIDs.
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+shellgroups:
+ shell:
+ gid: 200
+ title: Eglide shell users
+ description: >
+ Provide an account to use on the Eglide shell hosting project servers.
+ members:
+ - akoe
+ - amj
+ - ariel
+ - axe
+ - c2c
+ - chan
+ - dereckson
+ - erol
+ - harshcrop
+ - hlp
+ - kazuya
+ - khmerboy
+ - kumkum
+ - pkuz
+ - rama
+ - rashk0
+ - ringa
+ - rix
+ - sandlayth
+ - shark
+ - thrx
+ - tomjerr
+ - xcombelle
+ - xray
+ chaton-dev:
+ gid: 827
+ description: Manage Bonjour chaton service
+ members:
+ - hlp
+ nasqueron-irc:
+ gid: 829
+ description: Manage IRC bots used for Nasqueron projects
+ members:
+ - dereckson
+ - sandlayth
+ ops:
+ gid: 3001
+ title: Nasqueron Operations
+ description: >
+ Maintain the servers infrastructure. As such, members of this
+ group have a root access everywhere.
+ members:
+ - dereckson
+ - sandlayth
+ deployment:
+ gid: 3003
+ title: Nasqueron Deployment
+ description: >
+ Build softwares to be installed on the servers.
+ Deploy web sites and services files.
+ members:
+ - dereckson
+ nasquenautes:
+ gid: 3004
+ title: Nasqueron servers users
+ description: >
+ Provide an account on Nasqueron development servers.
+ members:
+ - dereckson
+ - kumkum
+ - rama
+ - xcombelle
diff --git a/pillar/core/users.sls b/pillar/core/users.sls
new file mode 100644
--- /dev/null
+++ b/pillar/core/users.sls
@@ -0,0 +1,165 @@
+# -------------------------------------------------------------
+# Salt — Users accounts list
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-11-08
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Users accounts
+#
+# shellusers:
+# When an account isn't included in a group, this is a no-op.
+# As such, users hereby listed don't have access to any server.
+#
+# revokedusers:
+# Users in this list will be removed from the servers.
+#
+# To rename an user:
+# Edit the username in the shellusers section,
+# add the former username to the revokedusers list.
+#
+# Sort the accounts by their username alphabetic order.
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+revokedusers:
+ # Account renamed to erol // T808
+ - fedai
+ # Temporary test account // D608, D609
+ - amjtest
+ # Account renamed to sandlayth // T789
+ - kalix
+ # Users who never have connected to Eglide's accounts (SSH key issues)
+ - tarik
+
+shellusers:
+ akoe:
+ fullname: akoe
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyffI4KDYcnVYJKLIUcVhi0gtjaGPHFs7lJMyYn2RSEmRBoMyz7leZ+vbxC1I0BxiAs20JAAVKDFs+XsWSlKjVSXO++giTZCC2mnaQRR31cRiBXLqm7SZylAGMZiVeWgy9iOZTHQg0oOmE7z5P9hBIpLgScn9qmFKOI9iQwOrYa1u5G9H7qopdW5HdlZ9RDTzHDXQr6byc9Hk7NmycVhnry7WLKvVsSFCsJ2AjBXxB3Ck6CUhF/si8tCAA6EgRs8c+vh8hevUjprDc1rD++THhY/c5esFh5KxyLRr3dCq8QZ7zaJBWkgxXevPKmSlL/zEpyhtTG2CMUeRwURUmByp5 akoe
+ uid: 2024
+ amj:
+ fullname: Amaury J.
+ shell: zsh
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHRDb+9juQM0Dr/lUKwVF0iYid6iZbO8ZFqshxklaIpnzOgKqpkjEE7JhgegDZW+zH+WqlvKXC0ce6KkHAbmCsnu3wdXVkKS2IAfLCa6rQYMXFc8GYU929UMj4LilVCgDi2sXEOSTI6uh2yc8WkVGEOguMt9E7f5za44q+kJGnLJRK/1gu/1eDbCOe/dFfZg7o4hBlMrFcCbb2r+iUevOj92K7jJcYm8x3wmt4FTJbh5/6LJ3lgstLWYmY2jzbxKeJ1ONGg9e1tDNqkKMHcsvMeEyMTdGykYYhEI7tGMoEoxJQIWILpO0h7o8dnxvm6jC7lfBYbZtZttBPBkEsac+RUCX2Zejib0GioOnOXCKSqdk383ZXbyXIHogCn8ya2R/399Fw/40QVTFTvX8A1alSXQUJShA2RgWucPkSaufUKu3uSjGN4pUdtAkuSdcs/78mbQZkGOs29YdVSZIR5TbTld2uPiID6VLu1oLZtoEPvCrr7G5fDv02P7DR7YPKcouMyJwHswWwIQ/WKPawdDNdGEw0Cr8It0dRpI7nNZh79hdlJsqSNa1ezND4qfbm89SlmwpkypaualzvUnxfffW4hpAJp4Y1M7CNkNWLO3mdM1z/5y7vZgIzKURAClCE6h/pJASnZjA/BBxoXg5fgDf+nEGx652GaKIEtyF3PdIoFQ== am@gentam
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCTQ7Tt/wm+eDc6bTbWX2HHQbdMJVS40mlEfit6usDGKb9PUDtV2pn1KumnsevFge3OArnCLDqp0pmIuMy8loMjyyFeMMsrMNvE4i1Zl/xXcss3siwlqzMDozGBpxC3jMielUnm64BMCtnURfFZsIZfnpZoG6jsfLKWUSKJro9SNrxQptnSH5xkvEOF7gZS8HTkEvjE1sgfIEabZrYIIo5nLrz9yxmuiHIOqx1uyhJGw1dr4pJSGAMcYGGOpfy8uOy80+46MUW8ZtpSTspaTiHnUgs7gSPyCThrgdiNjiAj+mAeUKYytQDt5MQxp0FbUvv34bCJ9Q8G7hXVqBaXO7N/wyyiJ2WL8BbfZhoKM0vmn/oaYmomdlWF08YmkJyeqvf0N9/s6gyzjdj7Aqihi/02YiOqdL5m5WZAREiqIGo/HtlpCoShiqtNn545mD+KwanMdJbJp8ALn7yjJJEKpXVCcUaZOPR7kTF4fZ0eUTuVH3SeyCf3z3OpZ55MeGOkjKfVRkHS6FJ9Uhkjxi0K/2apROB/XCtS0Bv3AjOxt7f7HvabmYzx3J/43JLFKK5BkmqTBGUTowKU/40kxbWug1MAnSzbmDEucZ/eu34SE4R2oXarLrflH9kAIZ6+cftMpAAOKd5VVHeVJKnl4MTSU4C67iwsVpVoJ+mQOPHsf5Ekuw== am@debian-am
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0zIEBYPoa9jQLE1+vRv3oMCwn5VM1EpwCb/K5Utqb1+VOpamWEFy3tkJrkppKFxjst+rDl5ztPLKal6LMURuOQhcGmVux+hJM/ucVtzvx/LHJsBmFsZGRJ2Y2cUXwDzedWqvJybzDhLWcuxPSdvIIiv7bTCLLSIatwsGEnDJ1ffSRgkcrXAd8Pu6/ghPAQwkpIv+POB6kvu5mDHcV5xqliMvI3C4pznheFX603WZ4qA2n0sokQ+2bHSDQHZqziGw4vwQc692JauVEHUDoznTGgMlzuiC2f7Aw1q2V9WFPvOifSr+uhTU8DCDlnssSZ/3m7dnh0soFVodju3s2Wpr32fWocyNqay6FDRYQLuFPziGqlQ6wMJE6nDXr+dYTwZm6ktMGp12/Go3KROCr06Q23JSrT5uaQ+UImoU1Y6veejpU34uo1kMQnoV16OsYARa0Aza5S9S8I3evIOGxPGNAsTb+mlylRwqUm7QSpQGpn3ov7fefG4EvH6ytQlZDAou9GyaeVFfhToqQ8cSqyDU4MOLTfILXTB2tjIRnIjs9U0B6Vczv/sZ9rp/614A5mzXapsfhDyx4FieDtVkr/gFNhI1s3f8y5VJcvL7NX2ggeaqq+kfHkIxAwUUjaVCLB+E3LgUeTG5bzz/ErZbRuDqTKpHUaHKinTNoObR9xpz7+w== amj@dwabyam
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCCKtSulhB9uva1RYOtwcLMcO+1V5oGti50OXntqG0OZfEauz/oLTQpt+nkKYNUN6MazL+9ienYQ8ZZPgZbOs9WGh0acxBcPM5Dw5b0ZWEJ8h9Dk2M7P144aeRS/HuHVvc/JyI3+gYHgqWGe5ycEzlrFeegX7/Zr76eaFDQPGMnsJCFZVga24TiSPiEBTuyszq0/emsLJe41zFY4J6Y2kbaWuJYbiAvA0mZAD+g6+ltEa6vdUOF1BI2kTPFeKXc2dCnbaJAz00I437zUGdaU4533iyLHygxLPjAsjxO8q4f163VR7Rd2jibvRUW2EXgVoY1mJjkNwi2XLQCCwgG/6G8IuQaMjPAx0v7bf+vAJ3x+esJtVFNa55sgU7uHWPaRAwtovspCFBpTRIsp6J5f+1WLqWQVBVBZHdR+5PC2H5Zwb5Hq33Jn8ksQoPMCWcbIbjgF78a/B4LgtsJpA2x8cGJi6p1DEKT5bC6ROGMxqPwA8pFgI3+0X5ukZvTMDH7BjiXkbdyCaFfwo7UofRrPHIUyPAYh/XD7rUddc/6rjVBzmkXTeyYvevOOlmTxM5BDJZI/w6Gc2/XQchCDoWT9ttw7VWX19fHaHtx8KE/I8JaSS5hW77Kl3PzWJxewOAcJMh9HNza3jBgqZFTHktPCPUBZbsjD27YWJcYPrhzpQErQ== amj@thinbiam
+ uid: 2005
+ ariel:
+ fullname: ariel
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwaTYlLZ90/oQ5tDYDkhI2mHa1L6Vh+zcekCt8D08N7/CrFI5sUVteTwMWw2ytQlWnyT3HVgHb4IS1EPjpjyuqseRcNW0HYsqBk3E36PCBQIqjLZ0nDAeHQtm6T6pXiKC5qUppghwrvDxVYFpF3lFzAzfYMrF7iugk0xRPTHZWm8df7dqIB/6FfbxSD95yQVAlJefxoFWbo3Yn+exEZQvWv6lQYXnjV5DSwMf8tPGDkc2DRjrnR52ZrXPRZFCqc9JGkA/l8QsYtjmqJdnOgq5raOb56aRulJYdP2j//B4lRJJlglMuj8dSZE/j04zub+P2QhfdqeEHmeaTUqbwcnZZw==
+ uid: 2021
+ axe:
+ fullname: axe
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjrcYXZ2/bfTdxVI1ZMXknB7WJa8uY1RLZ5Vrs2LPRTzBqaXzpY6/Iw5Ibiy8KMbVo/vQtAWrGY00ucHE+swS2VEtWIZc72kSznkL65bKtqHbZa+IqktRUBsg6ay/3Xups0DBfZ1T+SRSiLh0rya1dXd2NyIrvSo5eCxEPqAPm87rOrgC95GRxqlJUZ5ZOjV92K9v6TcTQWn61nGl2DQviAugNGtHGXhq0Xk98lWkLeGhDLedJOqFmHvqGrkSQpEps7ivlh3Mstv49pXqH1dIA7UhnyX5DTR6YjhIKehZnCfsl8wt6FMCs5QMor1giY4ZpUhY2D4ezvzFD2kqbOUvQQ== 2017-06-14
+ uid: 2019
+ c2c:
+ fullname: c2c
+ shell: fish
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyoC7ekLYc7nsd1QsgfdEatYw1FC7z92miIdXvx0n8O c2c@ender
+ uid: 2012
+ chan:
+ fullname: Chanel
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvDcmKHfTrCBRpjJxYyIELMRknrMpDXfcKDhfXqmB09 chan@Calculon
+ uid: 2009
+ dereckson:
+ fullname: Sebastien Santoro
+ shell: zsh
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBzD5VzetMFTUHLWrLyBsnZ6bdwDa4Ip9WWAh5nLxKyR dereckson@ysul.nasqueron.org
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIURiX8gBIv91sxutRQeESip7Ympmqe6miepoNDvXpZ9 dereckson@orin.dereckson.drake
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFGIYBdz8pW4vaSyA/QPlcU81uLI8SHoq7I+K6FPO9oh dereckson@graywell.dereckson.drake
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGV4p25jLQQHLgKH1SawoNLKuxkfyHuERRDUN9QZ7i5m dereckson@yakin.dereckson.drake
+ uid: 5001
+ erol:
+ fullname: Erol Unutmaz
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDdHrSRJGwaGFTpoZIvkoWTMpnXgke77emVicMT8b37kcUepeD91pA3UPQ7UOEQl/Af3Ly7ePneymZ6NjAkM06oPeIjxE6Nz+i6p7rVIZhCb9qz+hdKgt4wSEQLWponegFNdCUs6HvMjDGlsI0kajHgIakXiKAwNyxhQzpBoGranO9c2PdAq2HGq7Kcq8ApC1kdKG0W3dT4PWborzmt1jWna2yosEn+TTHj5wi2p/E9BsCbmfokBO3xn491lr1P4shh4zg7Mv3SPD3j4/mZb9EMwD8cl4y9ZIoMEbL8p4s8J7Joqs3gK9hmMN5ZCNUFrNrJu3TCRZre2k7cV3+U3IXT erol@fedai
+ uid: 2002
+ harshcrop:
+ fullname: Harsh Shah
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1ANaxVViiL8s2KTdb+p4FWBBZjXz3zH9/es0SSLuXzCjcs1opEeMeb4roQWWgxrZ3j0aOJAj0smSP1THtrwW1xUE5DidmueuqokgbQuvkrsvcDaJYbNjUr/3fAw7/JcWgh4lSSxCLgflpjBr5aTlMQZj/KPrGnlzjr/hPvb8cAomS2HD+hLuC2z26cvOhY811scTZWMoBrxSkmrXOTkutRdZm+TrYJyZy7xQ9ncfsARYzrOZ4be+0mfb6i4tJfMbBvadSu/gyJdOLCfV5SxdjpMLPqIXO9hWkRKYH8SFX5ZWVw8C06iJWcnFCIw1YMTFYe1MNqV8YICiYUmJ2CWaL harshcrop@Harshs-MacBook-Pro.local
+ uid: 2020
+ hlp:
+ fullname: hlp
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIP+04Jhq2toJ+RLx41NKrtDGgmSCfOsAY/BnJ6EzNXC hlp@sonny
+ uid: 2018
+ kazuya:
+ fullname: Kazuya
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCtCcRQ6HVKD5mj602UJkpI/TMGVt1R0yYx1HxP6SWJb6FM2E4wzkxtf0sp2cxW/9Lz/0OsQV8fSSo/qfUhQXfRcL+rxsM+iixD0WMffMC8CrqsYS+VV32HR2sIm8J7yyMweJrfYneErdFisGmMgOFw8vBGX01XfdwGqbSflf3Tal7L3R0g65rclGsg7JckWE6RQMXnvGwXQxv4QahaNtZK74AlyeFgsXYlv14UeaGE4Pz+rkgZKoC4tvAOBQMNxWtCPMcydJOacoCZO7Jcxv0jMUo0y26mulQ6vbz5hqAPS612c47gh8VNDDkQaznQMeiSyIlnvDEkHmzvC8Z3UAeJ eglide
+ uid: 2004
+ khmerboy:
+ fullname: khmerboy
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAxg4+y6QxyyeHvmcWHy5Q9pjh8YBNC+Q1w3+QHWH/7WKw9odKHgtpu2hixfOeZl5k/E9+XPw2oGmQzs3pInz/yyegGB57kb3xAftqJkHVuBKsrz+7q3fPjnoqk3VZ62k5II3oqEEjizdVhEVacU+149m3LJWo+FKoRAKxlX39KwEM+UMDfynck7OJvKRWTTP/cbPzR7kaMifQLWZF6stFilRnYBAesK2DzLgO37DovwxmQO1CbBuitgsHwLDXGW0gePyC39REIrntZSte1xdlEfC27rQnXcH3YPcTm9bwNBXnK1Jiwfp3fJ6q6FIz9IaybhO6CGNOOODHN4R4DTbbfQ== rsa-key-20170922
+ uid: 2023
+ kumkum:
+ fullname: Kumkum
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnCIiESqqsGOhaS16jwboLplQIP0FwKMhk0oRF7EP55 kumkum@kumkum-E200HA
+ uid: 2008
+ pkuz:
+ fullname: PK of UZ
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHIngmKZJUTBgps2LpfrjFwMtW8U5Zd0olKnmG0YZbApN9UHmiVKw6ow0U+KxI6kYGrNi6acKRnZHrnip8io8swW8PnLsgFKoCO2Ywrz/uDFaNJIVdTiNNB1Msm4dd2SiRwtn09SUVwSKBIFQFEoPG7q7v1OgvhIAk13/qbrOV+u6ZgoY8ssYH7qlRElAc4cptjtTen63f87wHFUN65T70ce6nFxOsZfTrB5Y+O7DTO25y7RV6q7CXq+i1uxJutDWDOLhb+dAqQHb5JEqBTF+CElyZtJtK+GxiXfMTWTyNBlv/4up/fRDMRxZ1F69Wowjn3MSnvsFgqxhwxW6Fksr7
+ uid: 2022
+ rama:
+ fullname: Rama
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIADXRCZ9fFZJAJLOF0PakwhuU9b5Ne4PPr7ESwJzYndn
+ uid: 2013
+ rashk0:
+ fullname: Rashk0
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJKU6dVl19vQFPMUWS2iGRzBV1uD9YEaMijBkY2oPYjwhFXc1fouGGr17kkSK9D0c4pr9A6jk/gH9GWE5SpwaZY94VK5QfdvHpyA1hLevdUc4mwuIbsMp893kr0e9Miys1/v+UdFhUq0n3rWiER3oo9rJjx3qloBqSfD18y3sCFTyM1AheVMp7E71kgViG7wWtHrkmnrBo3V5ENc2snTCQy7lF7eQ5a6D45a5n2KYV94YrMvGDbfYUnw8IJHNN6XB1KBK6mksbm2p6fc3ow0UJDOK3bfJNUkp9tfRJV/EeYxGPYJRE60Ng2Dqc3zZaH7FDgbBLoK0UwGURQozNSQT campari@Beta
+ uid: 2003
+ ringa:
+ fullname: Ringa
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiTobf2i/IveVlpdntX9M6p9rOe60HuODq5FslTIFxA/RwKQbJKafCQZ3ci+Pt9BKAKtBGSJANNfbxxN7VRB+iO6UZUh2Qjb012CfigC5g1r9MEryqh8LBP27NqTkCqjMZrwUa6pYMBG1/ydbOA0BIr3C72QfpXC/qCSvXNgQzL7DGSR7cgjhGvMDn5ewJuxsvXAcajMLEORxeYooONG9ELGRUMFI4WcX6gmiYcrMVsMF+7ByshIngV5v9esWadi+RdTWUVOYt2yVS7hkYHZwUX/bN1AOfkRiuD1w3DFFiHhSoquCwaOOZjKxAw6VOrV6O/toLGe0kXXfRFzeB29/1w== rsa-key-20170111
+ uid: 2010
+ rix:
+ fullname: Rix
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjFnOi4rwBVdw69U9y1xgWXrfNNgxEXAmbXthzHae07COwN190xoWv8VeogKxfMdxE2Tj4E0BDFt2i7Jbk9BploFdNXG46lrnoszmgRsuRx5jERfvMyOPvCAQHbL0N53AL6zH9wXF/51a5bJJ3n4wkmO1nDj9WqrDNk0in+knICiPHQX4TxwRXqBuf61gQMxwy8Aoy1WCCfCeAesZxjdFM47C6X3PPHVaXvF6x6iX8OzIHqoVT18yQAQxbET+PWMtlmNFJFx76+Sov4eQm/d2KeRg0aqw49gKLpigYnHfd2uitmSQixBNl5jyvDMoR92vZmZnScmqA9cXQikQ9HCW6Q== rsa-key-20170110
+ uid: 2007
+ sandlayth:
+ fullname: Yassine Hadj Messaoud
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL4H4SF3NZ0/o5uTYhIUKUEzP7hlZ0mGqMxs6wt/dhQs kalix@arch-laptop
+ uid: 5002
+ shark:
+ fullname: Shark
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjKehL1PdhcpLNiGdWLuVCUpNawUhQoxon3nmhZm/B+oU2nwygqvx9YU3LFzTEDNXWtU0aH2UVgC5bkRyVdmVKjX878luoluYwhKJFrYoEd9zS+EPDNmNYSoKntDbZoB17iacVEUM4Kg3RAzwStw3L8OO9DlB9NdXUzS8/9wlSy43ddoRRy83FvnvhRNXWScUIQyBolxqyoVvXdLZ2t0PnCdU3Bz2Wkcg24XjwDOR0R0A3780b+VGcsjXtjYxK6xCpNo9l2DqLAfpw+BFusWy6au5U15vfHgR91Lbcd1xtfvJAElI97fR6DGf+HSrtYZe+9gMU1nofibdiNWSJ/Vn+Q== rsa-key-20161212
+ uid: 2006
+ thrx:
+ fullname: ThrX
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAqm65UgRA1ZJaGnam+PQiFmXKOKZHAUc5jN8zRQsAaFv5Kgxks857DPBX8eO7Wolh70C/UVXAqYgHS2yg74KKKzyjv2vd/de4vQuC4m24IRWkuGJ6xr+dgqNRMn3YklJ2W/SzMCLIFNWUlM3JnvIPElxrLVMSm9ZCACAvWGgy8uF+vBkJYsmfN5AokyzSZcAUqREBbnsC33erGz50it4Oxn4QpAGWtYBHz+kHz89rZBMbMRAoMyQ1EfnzH076jtufHuTdqibmQRB39GbY8bgJJk0tpntwTvx4pHAnMK6CUwbjtFU03LByYNiIzDjwHXqfwuQZl8WlQjx7oTVNHCJ9fw== rsa-key-20170221
+ uid: 2014
+ tomjerr:
+ fullname: Tommy Aditya
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7WGzb6h6i8H81nkw0E2PvFwi1yqODeltyGwFQxEwL4+bc75LlbxtpIsxS+D4vkervfGjMwgAJSFOv6uimRhubmp1I2Pf85APTf/a9xXmNzAuNnhR8ur93I08cQ2kKlY19q3EX4H4qj2HizRZxgusG8dYyBWuKuq6P7vIn5zn55IzFJKxCekydAjQsDUTOaio5brLD3sY8IfnWtKWDgrszozUOEqZdquJDS6LBEHHDTpWK/Mzuwd6YkpfdG2GVLwuN6Rj43jNoxcvk2W7oJyJQQ7xSpNR3QIFzTAu9VL9AAv4qak4o2AYpmg8HXsgGR2ARvJ0mFzWw8qy/c/5plPgp tomjerr
+ uid: 2001
+ xcombelle:
+ fullname: Xavier Combelle
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9KJQDTtuxGCOaeFtip+yel45zMNS4tvrYg0AzNhT22K8g3F8wiY1GKvYw6Czj8Zo+rqA5/Rt7BCQwNtZyI+Nh23Cvg5wZQ2A6dtzQI69HZVSi+FRA5o4/SG4wyp7AT6wuWn+7tTE/pH69D0keDmaNpLSzhkxKFQd2DuOD2BENobEIE9DzbRf2DeUJ15uCzX/mnEXykklYvQ5AontiwL7VNB1VpNebrfnecAaAua0RhuYp+XwxBaSM4KB4lIA6hTBYEOG6J3TaC3GofMtAANI/n8gcCQkadkqtQHrap2Wh9X6bzekwROVGui1TW6sM7+hS4P7PM80nK05iVnGzIfYR xavier.combelle@gmail.com
+ uid: 2017
+ xray:
+ fullname: xray
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAzSj3sQYbrBBdceBRUAbuzCS9vZWycVV0OSZ0ofoWx/dOTIalhc3O+aett7J34GqwDgpcTEkEpa/MrlO/2TOGOFIsPlvbZW4fXXFADCbOWkRRNuYW5rv/Sg6ZliGtw4cj0dKEkn9+L/JAuGwKV5KJNTPcp5w8hZyQYczZ8KhcyNVv7mfzLnId03wPnuTTe+AmCTOitbVb3gxjdXDYeS46PkbV8m/23KpcdLigo3ClDwE/SIoA+YddaAbpWDMEwhnWyKmLGI6xkFcqSY1NT0eYnL2waZMEnfluxt+D0V0IT5NeOmQcTuVWPvjFdSKbKepPhdrFmzGNtytfZWoFOPiG+Q== rsa-key-20170119
+ uid: 2011
diff --git a/pillar/nodes/forests.sls b/pillar/nodes/forests.sls
new file mode 100644
--- /dev/null
+++ b/pillar/nodes/forests.sls
@@ -0,0 +1,46 @@
+# -------------------------------------------------------------
+# Salt — Forests
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-10-20
+# Description: Groups nodes by forest to allow to apply
+# a common configuration, like users/groups
+# to a set of nodes (ie servers).
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Table of contents
+# -------------------------------------------------------------
+#
+# :: Forests
+# :: Shell groups
+#
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Forests
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+forests:
+ - nasqueron-dev
+ - nasqueron-infra
+ - eglide
+
+# -------------------------------------------------------------
+# Shell groups
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+shellgroups_ubiquity:
+ - ops
+ - deployment
+
+shellgroups_by_forest:
+ nasqueron-dev:
+ - nasquenautes
+ - nasqueron-irc
+ nasqueron-infra: []
+ eglide:
+ - shell
+ - chaton-dev
+ - nasqueron-irc
diff --git a/pillar/nodes/nodes.sls b/pillar/nodes/nodes.sls
--- a/pillar/nodes/nodes.sls
+++ b/pillar/nodes/nodes.sls
@@ -12,7 +12,7 @@
## Semantic field: https://devcentral.nasqueron.org/P27
##
dwellers:
- forest: nasqueron
+ forest: nasqueron-infra
hostname: dwellers.nasqueron.org
roles:
- paas-lxc
@@ -20,14 +20,14 @@
network:
ipv6_tunnel: True
equatower:
- forest: nasqueron
+ forest: nasqueron-infra
hostname: equatower.nasqueron.org
roles:
- paas-docker
network:
ipv6_tunnel: False
ysul:
- forest: nasqueron
+ forest: nasqueron-dev
hostname: ysul.nasqueron.org
roles:
- devserver
diff --git a/pillar/top.sls b/pillar/top.sls
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -9,12 +9,11 @@
base:
'*':
- core.hostnames
+ - core.users
+ - core.groups
- certificates.certificates
- nodes.nodes
+ - nodes.forests
ysul:
- paas-jails.jails
- webserver-legacy.sites
- eglide:
- - users.revokedusers
- - users.shellusers
- - users.shellgroups
diff --git a/pillar/users/revokedusers.sls b/pillar/users/revokedusers.sls
deleted file mode 100644
--- a/pillar/users/revokedusers.sls
+++ /dev/null
@@ -1,21 +0,0 @@
-# -------------------------------------------------------------
-# Salt — Revoked users accounts list
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# Created: 2016-04-10
-# License: Trivial work, not eligible to copyright
-# -------------------------------------------------------------
-
-# -------------------------------------------------------------
-# Users accounts
-# -------------------------------------------------------------
-
-revokedusers:
- # Account renamed to erol // T808
- - fedai
- # Temporary test account // D608, D609
- - amjtest
- # Account renamed to sandlayth // T789
- - kalix
- # Users who never have connected to Eglide's accounts (SSH key issues)
- - tarik
diff --git a/pillar/users/shellgroups.sls b/pillar/users/shellgroups.sls
deleted file mode 100644
--- a/pillar/users/shellgroups.sls
+++ /dev/null
@@ -1,35 +0,0 @@
-# -------------------------------------------------------------
-# Salt — Service groups list
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# Created: 2017-01-24
-# License: Trivial work, not eligible to copyright
-# -------------------------------------------------------------
-
-# -------------------------------------------------------------
-# Nasqueron
-# -------------------------------------------------------------
-
-shellgroups:
- ops:
- gid: 3001
- description: Nasqueron Operations
- members:
- - dereckson
- - sandlayth
- chaton-dev:
- gid: 827
- description: Bonjour chaton
- members:
- - hlp
- deployment:
- gid: 828
- description: Build softwares to be installed on the servers
- members:
- - dereckson
- nasqueron-irc:
- gid: 829
- description: Manages IRC bots used for Nasqueron projects
- members:
- - dereckson
- - sandlayth
diff --git a/pillar/users/shellusers.sls b/pillar/users/shellusers.sls
deleted file mode 100644
--- a/pillar/users/shellusers.sls
+++ /dev/null
@@ -1,88 +0,0 @@
-# -------------------------------------------------------------
-# Salt — Users accounts list
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# Created: 2016-04-08
-# License: Trivial work, not eligible to copyright
-# -------------------------------------------------------------
-
-# -------------------------------------------------------------
-# Users accounts
-# -------------------------------------------------------------
-
-shellusers:
- tomjerr:
- fullname: Tommy Aditya
- uid: 2001
- erol:
- fullname: Erol Unutmaz
- uid: 2002
- rashk0:
- fullname: Rashk0
- uid: 2003
- kazuya:
- fullname: Kazuya
- uid: 2004
- amj:
- fullname: Amaury J.
- shell: zsh
- uid: 2005
- dereckson:
- fullname: Sebastien Santoro
- shell: zsh
- uid: 5001
- sandlayth:
- fullname: Yassine Hadj Messaoud
- uid: 5002
- shark:
- fullname: Shark
- uid: 2006
- rix:
- fullname: Rix
- uid: 2007
- kumkum:
- fullname: Kumkum
- uid: 2008
- chan:
- fullname: Chanel
- uid: 2009
- ringa:
- fullname: Ringa
- uid: 2010
- xray:
- fullname: xray
- uid: 2011
- c2c:
- fullname: c2c
- shell: fish
- uid: 2012
- rama:
- fullname: Rama
- uid: 2013
- thrx:
- fullname: ThrX
- uid: 2014
- xcombelle:
- fullname: xcombelle
- uid: 2017
- hlp:
- fullname: hlp
- uid: 2018
- axe:
- fullname: axe
- uid: 2019
- harshcrop:
- fullname: Harsh Shah
- uid: 2020
- ariel:
- fullname: ariel
- uid: 2021
- pkuz:
- fullname: PK of UZ
- uid: 2022
- khmerboy:
- fullname: khmerboy
- uid: 2023
- akoe:
- fullname: akoe
- uid: 2024
diff --git a/roles/shellserver/users/files/ssh_keys/rama b/roles/core/users/files/authorized_keys
rename from roles/shellserver/users/files/ssh_keys/rama
rename to roles/core/users/files/authorized_keys
--- a/roles/shellserver/users/files/ssh_keys/rama
+++ b/roles/core/users/files/authorized_keys
@@ -1,9 +1,8 @@
# -------------------------------------------------------------
# OpenSSH authorized_keys
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/rama
+# Source file: pillar/core/users.sls
# -------------------------------------------------------------
#
# <auto-generated>
@@ -18,5 +17,5 @@
# You can also ask Nasqueron operations to do that for you:
# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIADXRCZ9fFZJAJLOF0PakwhuU9b5Ne4PPr7ESwJzYndn
+{% for key in keys %}
+{{ key }}{% endfor %}
diff --git a/roles/shellserver/users/init.sls b/roles/core/users/init.sls
copy from roles/shellserver/users/init.sls
copy to roles/core/users/init.sls
--- a/roles/shellserver/users/init.sls
+++ b/roles/core/users/init.sls
@@ -1,8 +1,8 @@
# -------------------------------------------------------------
# Salt — Provision users accounts
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# Created: 2016-04-08
+# Project: Nasqueron
+# Created: 2017-11-09
# Description: Adds and revokes user accounts, in the relevant
# groups and with their stable SSH keys.
# License: Trivial work, not eligible to copyright
@@ -15,7 +15,7 @@
# :: Disabled accounts
# :: Active accounts
# :: Groups
-# :: Managed SSH keys
+# :: SSH keys
#
# -------------------------------------------------------------
@@ -25,8 +25,8 @@
# Disabled accounts
# -------------------------------------------------------------
-{% for user in pillar.get('revokedusers') %}
-{{user}}:
+{% for username in pillar.get('revokedusers') %}
+{{ username }}:
user.absent
{% endfor %}
@@ -34,44 +34,46 @@
# Active accounts
# -------------------------------------------------------------
-{% for user, args in pillar.get('shellusers', {}).iteritems() %}
-{{user}}:
+{% for username, user in salt['forest.get_users']().iteritems() %}
+{{ username }}:
user.present:
- - fullname: {{ args['fullname'] }}
- - shell: {{ shells[args['shell']|default('bash')] }}
- - uid: {{ args['uid'] }}
+ - fullname: {{ user['fullname'] }}
+ - shell: {{ shells[user['shell']|default('bash')] }}
+ - uid: {{ user['uid'] }}
{% endfor %}
# -------------------------------------------------------------
# Groups
# -------------------------------------------------------------
-shell:
+{% for groupname, group in salt['forest.get_groups']().iteritems() %}
+group_{{ groupname }}:
group.present:
- - system: True
- - gid: 200
- - members:
-{% for user, args in pillar.get('shellusers', {}).iteritems() %}
- - {{user}}
+ - name: {{ groupname }}
+ - gid: {{ group['gid'] }}
+ - members: {{ group['members'] }}
{% endfor %}
-{% for group, args in pillar.get('shellgroups', {}).iteritems() %}
-group_{{group}}:
- group.present:
- - name: {{group}}
- - system: False
- - gid: {{ args['gid'] }}
- - members: {{ args['members'] }}
-{% endfor %}
-
# -------------------------------------------------------------
-# Managed SSH keys
+# SSH keys
# -------------------------------------------------------------
-{% for user, args in pillar.get('shellusers', {}).iteritems() %}
-sshkey_{{user}}:
- ssh_auth.present:
- - user: {{user}}
- - source: salt://roles/shellserver/users/files/ssh_keys/{{user}}
-{% endfor %}
+{% for username, user in salt['forest.get_users']().iteritems() %}
+/home/{{ username }}/.ssh:
+ file.directory:
+ - user: {{ username }}
+ - group: {{ username }}
+ - dir_mode: 700
+
+/home/{{ username}}/.ssh/authorized_keys:
+ file.managed:
+ - source: salt://roles/core/users/files/authorized_keys
+ - user: {{ username }}
+ - group: {{ username }}
+ - mode: 600
+ - template: jinja
+ - context:
+ keys: {{ user['ssh_keys']|default([]) }}
+
+{% endfor %}
diff --git a/roles/saltmaster/account/init.sls b/roles/saltmaster/account/init.sls
--- a/roles/saltmaster/account/init.sls
+++ b/roles/saltmaster/account/init.sls
@@ -14,10 +14,6 @@
# Salt account
salt_account:
- group.present:
- - name: salt
- - gid: 9001
- - system: True
user.present:
- name: salt
- fullname: SaltStack master account
@@ -33,15 +29,11 @@
# Deployment account
deploy_account:
- group.present:
- - name: deploy
- - gid: 9002
- - system: True
user.present:
- name: deploy
- fullname: Deployment and management of the Salt staging area
- uid: 9002
- - gid: 9002
+ - gid: 3003
- home: /var/run/deploy
# Allow to repair ownership if the account is created after the staging
diff --git a/roles/shellserver/users/files/ssh_keys/akoe b/roles/shellserver/users/files/ssh_keys/akoe
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/akoe
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/akoe
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyffI4KDYcnVYJKLIUcVhi0gtjaGPHFs7lJMyYn2RSEmRBoMyz7leZ+vbxC1I0BxiAs20JAAVKDFs+XsWSlKjVSXO++giTZCC2mnaQRR31cRiBXLqm7SZylAGMZiVeWgy9iOZTHQg0oOmE7z5P9hBIpLgScn9qmFKOI9iQwOrYa1u5G9H7qopdW5HdlZ9RDTzHDXQr6byc9Hk7NmycVhnry7WLKvVsSFCsJ2AjBXxB3Ck6CUhF/si8tCAA6EgRs8c+vh8hevUjprDc1rD++THhY/c5esFh5KxyLRr3dCq8QZ7zaJBWkgxXevPKmSlL/zEpyhtTG2CMUeRwURUmByp5 akoe
diff --git a/roles/shellserver/users/files/ssh_keys/amj b/roles/shellserver/users/files/ssh_keys/amj
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/amj
+++ /dev/null
@@ -1,25 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/amj
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHRDb+9juQM0Dr/lUKwVF0iYid6iZbO8ZFqshxklaIpnzOgKqpkjEE7JhgegDZW+zH+WqlvKXC0ce6KkHAbmCsnu3wdXVkKS2IAfLCa6rQYMXFc8GYU929UMj4LilVCgDi2sXEOSTI6uh2yc8WkVGEOguMt9E7f5za44q+kJGnLJRK/1gu/1eDbCOe/dFfZg7o4hBlMrFcCbb2r+iUevOj92K7jJcYm8x3wmt4FTJbh5/6LJ3lgstLWYmY2jzbxKeJ1ONGg9e1tDNqkKMHcsvMeEyMTdGykYYhEI7tGMoEoxJQIWILpO0h7o8dnxvm6jC7lfBYbZtZttBPBkEsac+RUCX2Zejib0GioOnOXCKSqdk383ZXbyXIHogCn8ya2R/399Fw/40QVTFTvX8A1alSXQUJShA2RgWucPkSaufUKu3uSjGN4pUdtAkuSdcs/78mbQZkGOs29YdVSZIR5TbTld2uPiID6VLu1oLZtoEPvCrr7G5fDv02P7DR7YPKcouMyJwHswWwIQ/WKPawdDNdGEw0Cr8It0dRpI7nNZh79hdlJsqSNa1ezND4qfbm89SlmwpkypaualzvUnxfffW4hpAJp4Y1M7CNkNWLO3mdM1z/5y7vZgIzKURAClCE6h/pJASnZjA/BBxoXg5fgDf+nEGx652GaKIEtyF3PdIoFQ== am@gentam
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCTQ7Tt/wm+eDc6bTbWX2HHQbdMJVS40mlEfit6usDGKb9PUDtV2pn1KumnsevFge3OArnCLDqp0pmIuMy8loMjyyFeMMsrMNvE4i1Zl/xXcss3siwlqzMDozGBpxC3jMielUnm64BMCtnURfFZsIZfnpZoG6jsfLKWUSKJro9SNrxQptnSH5xkvEOF7gZS8HTkEvjE1sgfIEabZrYIIo5nLrz9yxmuiHIOqx1uyhJGw1dr4pJSGAMcYGGOpfy8uOy80+46MUW8ZtpSTspaTiHnUgs7gSPyCThrgdiNjiAj+mAeUKYytQDt5MQxp0FbUvv34bCJ9Q8G7hXVqBaXO7N/wyyiJ2WL8BbfZhoKM0vmn/oaYmomdlWF08YmkJyeqvf0N9/s6gyzjdj7Aqihi/02YiOqdL5m5WZAREiqIGo/HtlpCoShiqtNn545mD+KwanMdJbJp8ALn7yjJJEKpXVCcUaZOPR7kTF4fZ0eUTuVH3SeyCf3z3OpZ55MeGOkjKfVRkHS6FJ9Uhkjxi0K/2apROB/XCtS0Bv3AjOxt7f7HvabmYzx3J/43JLFKK5BkmqTBGUTowKU/40kxbWug1MAnSzbmDEucZ/eu34SE4R2oXarLrflH9kAIZ6+cftMpAAOKd5VVHeVJKnl4MTSU4C67iwsVpVoJ+mQOPHsf5Ekuw== am@debian-am
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0zIEBYPoa9jQLE1+vRv3oMCwn5VM1EpwCb/K5Utqb1+VOpamWEFy3tkJrkppKFxjst+rDl5ztPLKal6LMURuOQhcGmVux+hJM/ucVtzvx/LHJsBmFsZGRJ2Y2cUXwDzedWqvJybzDhLWcuxPSdvIIiv7bTCLLSIatwsGEnDJ1ffSRgkcrXAd8Pu6/ghPAQwkpIv+POB6kvu5mDHcV5xqliMvI3C4pznheFX603WZ4qA2n0sokQ+2bHSDQHZqziGw4vwQc692JauVEHUDoznTGgMlzuiC2f7Aw1q2V9WFPvOifSr+uhTU8DCDlnssSZ/3m7dnh0soFVodju3s2Wpr32fWocyNqay6FDRYQLuFPziGqlQ6wMJE6nDXr+dYTwZm6ktMGp12/Go3KROCr06Q23JSrT5uaQ+UImoU1Y6veejpU34uo1kMQnoV16OsYARa0Aza5S9S8I3evIOGxPGNAsTb+mlylRwqUm7QSpQGpn3ov7fefG4EvH6ytQlZDAou9GyaeVFfhToqQ8cSqyDU4MOLTfILXTB2tjIRnIjs9U0B6Vczv/sZ9rp/614A5mzXapsfhDyx4FieDtVkr/gFNhI1s3f8y5VJcvL7NX2ggeaqq+kfHkIxAwUUjaVCLB+E3LgUeTG5bzz/ErZbRuDqTKpHUaHKinTNoObR9xpz7+w== amj@dwabyam
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCCKtSulhB9uva1RYOtwcLMcO+1V5oGti50OXntqG0OZfEauz/oLTQpt+nkKYNUN6MazL+9ienYQ8ZZPgZbOs9WGh0acxBcPM5Dw5b0ZWEJ8h9Dk2M7P144aeRS/HuHVvc/JyI3+gYHgqWGe5ycEzlrFeegX7/Zr76eaFDQPGMnsJCFZVga24TiSPiEBTuyszq0/emsLJe41zFY4J6Y2kbaWuJYbiAvA0mZAD+g6+ltEa6vdUOF1BI2kTPFeKXc2dCnbaJAz00I437zUGdaU4533iyLHygxLPjAsjxO8q4f163VR7Rd2jibvRUW2EXgVoY1mJjkNwi2XLQCCwgG/6G8IuQaMjPAx0v7bf+vAJ3x+esJtVFNa55sgU7uHWPaRAwtovspCFBpTRIsp6J5f+1WLqWQVBVBZHdR+5PC2H5Zwb5Hq33Jn8ksQoPMCWcbIbjgF78a/B4LgtsJpA2x8cGJi6p1DEKT5bC6ROGMxqPwA8pFgI3+0X5ukZvTMDH7BjiXkbdyCaFfwo7UofRrPHIUyPAYh/XD7rUddc/6rjVBzmkXTeyYvevOOlmTxM5BDJZI/w6Gc2/XQchCDoWT9ttw7VWX19fHaHtx8KE/I8JaSS5hW77Kl3PzWJxewOAcJMh9HNza3jBgqZFTHktPCPUBZbsjD27YWJcYPrhzpQErQ== amj@thinbiam
diff --git a/roles/shellserver/users/files/ssh_keys/ariel b/roles/shellserver/users/files/ssh_keys/ariel
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/ariel
+++ /dev/null
@@ -1,21 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/ariel
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwaTYlLZ90/oQ5tDYDkhI2mHa1L6Vh+zcekCt8D08N7/CrFI5sUVteTwMWw2ytQlWnyT3HVgHb4IS1EPjpjyuqseRcNW0HYsqBk3E36PCBQIqjLZ0nDAeHQtm6T6pXiKC5qUppghwrvDxVYFpF3lFzAzfYMrF7iugk0xRPTHZWm8df7dqIB/6FfbxSD95yQVAlJefxoFWbo3Yn+exEZQvWv6lQYXnjV5DSwMf8tPGDkc2DRjrnR52ZrXPRZFCqc9JGkA/l8QsYtjmqJdnOgq5raOb56aRulJYdP2j//B4lRJJlglMuj8dSZE/j04zub+P2QhfdqeEHmeaTUqbwcnZZw==
diff --git a/roles/shellserver/users/files/ssh_keys/axe b/roles/shellserver/users/files/ssh_keys/axe
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/axe
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/axe
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjrcYXZ2/bfTdxVI1ZMXknB7WJa8uY1RLZ5Vrs2LPRTzBqaXzpY6/Iw5Ibiy8KMbVo/vQtAWrGY00ucHE+swS2VEtWIZc72kSznkL65bKtqHbZa+IqktRUBsg6ay/3Xups0DBfZ1T+SRSiLh0rya1dXd2NyIrvSo5eCxEPqAPm87rOrgC95GRxqlJUZ5ZOjV92K9v6TcTQWn61nGl2DQviAugNGtHGXhq0Xk98lWkLeGhDLedJOqFmHvqGrkSQpEps7ivlh3Mstv49pXqH1dIA7UhnyX5DTR6YjhIKehZnCfsl8wt6FMCs5QMor1giY4ZpUhY2D4ezvzFD2kqbOUvQQ== 2017-06-14
diff --git a/roles/shellserver/users/files/ssh_keys/c2c b/roles/shellserver/users/files/ssh_keys/c2c
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/c2c
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/c2c
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyoC7ekLYc7nsd1QsgfdEatYw1FC7z92miIdXvx0n8O c2c@ender
diff --git a/roles/shellserver/users/files/ssh_keys/chan b/roles/shellserver/users/files/ssh_keys/chan
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/chan
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/chan
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvDcmKHfTrCBRpjJxYyIELMRknrMpDXfcKDhfXqmB09 chan@Calculon
diff --git a/roles/shellserver/users/files/ssh_keys/dereckson b/roles/shellserver/users/files/ssh_keys/dereckson
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/dereckson
+++ /dev/null
@@ -1,25 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/dereckson
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBzD5VzetMFTUHLWrLyBsnZ6bdwDa4Ip9WWAh5nLxKyR dereckson@ysul.nasqueron.org
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIURiX8gBIv91sxutRQeESip7Ympmqe6miepoNDvXpZ9 dereckson@orin.dereckson.drake
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFGIYBdz8pW4vaSyA/QPlcU81uLI8SHoq7I+K6FPO9oh dereckson@graywell.dereckson.drake
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGV4p25jLQQHLgKH1SawoNLKuxkfyHuERRDUN9QZ7i5m dereckson@yakin.dereckson.drake
diff --git a/roles/shellserver/users/files/ssh_keys/erol b/roles/shellserver/users/files/ssh_keys/erol
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/erol
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/erol
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDdHrSRJGwaGFTpoZIvkoWTMpnXgke77emVicMT8b37kcUepeD91pA3UPQ7UOEQl/Af3Ly7ePneymZ6NjAkM06oPeIjxE6Nz+i6p7rVIZhCb9qz+hdKgt4wSEQLWponegFNdCUs6HvMjDGlsI0kajHgIakXiKAwNyxhQzpBoGranO9c2PdAq2HGq7Kcq8ApC1kdKG0W3dT4PWborzmt1jWna2yosEn+TTHj5wi2p/E9BsCbmfokBO3xn491lr1P4shh4zg7Mv3SPD3j4/mZb9EMwD8cl4y9ZIoMEbL8p4s8J7Joqs3gK9hmMN5ZCNUFrNrJu3TCRZre2k7cV3+U3IXT erol@fedai
diff --git a/roles/shellserver/users/files/ssh_keys/harshcrop b/roles/shellserver/users/files/ssh_keys/harshcrop
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/harshcrop
+++ /dev/null
@@ -1,21 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/harshcrop
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1ANaxVViiL8s2KTdb+p4FWBBZjXz3zH9/es0SSLuXzCjcs1opEeMeb4roQWWgxrZ3j0aOJAj0smSP1THtrwW1xUE5DidmueuqokgbQuvkrsvcDaJYbNjUr/3fAw7/JcWgh4lSSxCLgflpjBr5aTlMQZj/KPrGnlzjr/hPvb8cAomS2HD+hLuC2z26cvOhY811scTZWMoBrxSkmrXOTkutRdZm+TrYJyZy7xQ9ncfsARYzrOZ4be+0mfb6i4tJfMbBvadSu/gyJdOLCfV5SxdjpMLPqIXO9hWkRKYH8SFX5ZWVw8C06iJWcnFCIw1YMTFYe1MNqV8YICiYUmJ2CWaL harshcrop@Harshs-MacBook-Pro.local
diff --git a/roles/shellserver/users/files/ssh_keys/hlp b/roles/shellserver/users/files/ssh_keys/hlp
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/hlp
+++ /dev/null
@@ -1,23 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/hlp
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIP+04Jhq2toJ+RLx41NKrtDGgmSCfOsAY/BnJ6EzNXC hlp@sonny
-
diff --git a/roles/shellserver/users/files/ssh_keys/kazuya b/roles/shellserver/users/files/ssh_keys/kazuya
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/kazuya
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/kazuya
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCtCcRQ6HVKD5mj602UJkpI/TMGVt1R0yYx1HxP6SWJb6FM2E4wzkxtf0sp2cxW/9Lz/0OsQV8fSSo/qfUhQXfRcL+rxsM+iixD0WMffMC8CrqsYS+VV32HR2sIm8J7yyMweJrfYneErdFisGmMgOFw8vBGX01XfdwGqbSflf3Tal7L3R0g65rclGsg7JckWE6RQMXnvGwXQxv4QahaNtZK74AlyeFgsXYlv14UeaGE4Pz+rkgZKoC4tvAOBQMNxWtCPMcydJOacoCZO7Jcxv0jMUo0y26mulQ6vbz5hqAPS612c47gh8VNDDkQaznQMeiSyIlnvDEkHmzvC8Z3UAeJ eglide
diff --git a/roles/shellserver/users/files/ssh_keys/khmerboy b/roles/shellserver/users/files/ssh_keys/khmerboy
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/khmerboy
+++ /dev/null
@@ -1,21 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/khmerboy
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAxg4+y6QxyyeHvmcWHy5Q9pjh8YBNC+Q1w3+QHWH/7WKw9odKHgtpu2hixfOeZl5k/E9+XPw2oGmQzs3pInz/yyegGB57kb3xAftqJkHVuBKsrz+7q3fPjnoqk3VZ62k5II3oqEEjizdVhEVacU+149m3LJWo+FKoRAKxlX39KwEM+UMDfynck7OJvKRWTTP/cbPzR7kaMifQLWZF6stFilRnYBAesK2DzLgO37DovwxmQO1CbBuitgsHwLDXGW0gePyC39REIrntZSte1xdlEfC27rQnXcH3YPcTm9bwNBXnK1Jiwfp3fJ6q6FIz9IaybhO6CGNOOODHN4R4DTbbfQ== rsa-key-20170922
diff --git a/roles/shellserver/users/files/ssh_keys/kumkum b/roles/shellserver/users/files/ssh_keys/kumkum
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/kumkum
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/kumkum
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnCIiESqqsGOhaS16jwboLplQIP0FwKMhk0oRF7EP55 kumkum@kumkum-E200HA
diff --git a/roles/shellserver/users/files/ssh_keys/pkuz b/roles/shellserver/users/files/ssh_keys/pkuz
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/pkuz
+++ /dev/null
@@ -1,21 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/pkuz
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHIngmKZJUTBgps2LpfrjFwMtW8U5Zd0olKnmG0YZbApN9UHmiVKw6ow0U+KxI6kYGrNi6acKRnZHrnip8io8swW8PnLsgFKoCO2Ywrz/uDFaNJIVdTiNNB1Msm4dd2SiRwtn09SUVwSKBIFQFEoPG7q7v1OgvhIAk13/qbrOV+u6ZgoY8ssYH7qlRElAc4cptjtTen63f87wHFUN65T70ce6nFxOsZfTrB5Y+O7DTO25y7RV6q7CXq+i1uxJutDWDOLhb+dAqQHb5JEqBTF+CElyZtJtK+GxiXfMTWTyNBlv/4up/fRDMRxZ1F69Wowjn3MSnvsFgqxhwxW6Fksr7
diff --git a/roles/shellserver/users/files/ssh_keys/rashk0 b/roles/shellserver/users/files/ssh_keys/rashk0
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/rashk0
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/rashk0
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJKU6dVl19vQFPMUWS2iGRzBV1uD9YEaMijBkY2oPYjwhFXc1fouGGr17kkSK9D0c4pr9A6jk/gH9GWE5SpwaZY94VK5QfdvHpyA1hLevdUc4mwuIbsMp893kr0e9Miys1/v+UdFhUq0n3rWiER3oo9rJjx3qloBqSfD18y3sCFTyM1AheVMp7E71kgViG7wWtHrkmnrBo3V5ENc2snTCQy7lF7eQ5a6D45a5n2KYV94YrMvGDbfYUnw8IJHNN6XB1KBK6mksbm2p6fc3ow0UJDOK3bfJNUkp9tfRJV/EeYxGPYJRE60Ng2Dqc3zZaH7FDgbBLoK0UwGURQozNSQT campari@Beta
diff --git a/roles/shellserver/users/files/ssh_keys/ringa b/roles/shellserver/users/files/ssh_keys/ringa
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/ringa
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/ringa
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiTobf2i/IveVlpdntX9M6p9rOe60HuODq5FslTIFxA/RwKQbJKafCQZ3ci+Pt9BKAKtBGSJANNfbxxN7VRB+iO6UZUh2Qjb012CfigC5g1r9MEryqh8LBP27NqTkCqjMZrwUa6pYMBG1/ydbOA0BIr3C72QfpXC/qCSvXNgQzL7DGSR7cgjhGvMDn5ewJuxsvXAcajMLEORxeYooONG9ELGRUMFI4WcX6gmiYcrMVsMF+7ByshIngV5v9esWadi+RdTWUVOYt2yVS7hkYHZwUX/bN1AOfkRiuD1w3DFFiHhSoquCwaOOZjKxAw6VOrV6O/toLGe0kXXfRFzeB29/1w== rsa-key-20170111
diff --git a/roles/shellserver/users/files/ssh_keys/rix b/roles/shellserver/users/files/ssh_keys/rix
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/rix
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/rix
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjFnOi4rwBVdw69U9y1xgWXrfNNgxEXAmbXthzHae07COwN190xoWv8VeogKxfMdxE2Tj4E0BDFt2i7Jbk9BploFdNXG46lrnoszmgRsuRx5jERfvMyOPvCAQHbL0N53AL6zH9wXF/51a5bJJ3n4wkmO1nDj9WqrDNk0in+knICiPHQX4TxwRXqBuf61gQMxwy8Aoy1WCCfCeAesZxjdFM47C6X3PPHVaXvF6x6iX8OzIHqoVT18yQAQxbET+PWMtlmNFJFx76+Sov4eQm/d2KeRg0aqw49gKLpigYnHfd2uitmSQixBNl5jyvDMoR92vZmZnScmqA9cXQikQ9HCW6Q== rsa-key-20170110
diff --git a/roles/shellserver/users/files/ssh_keys/sandlayth b/roles/shellserver/users/files/ssh_keys/sandlayth
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/sandlayth
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/sandlayth
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL4H4SF3NZ0/o5uTYhIUKUEzP7hlZ0mGqMxs6wt/dhQs kalix@arch-laptop
diff --git a/roles/shellserver/users/files/ssh_keys/shark b/roles/shellserver/users/files/ssh_keys/shark
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/shark
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/shark
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjKehL1PdhcpLNiGdWLuVCUpNawUhQoxon3nmhZm/B+oU2nwygqvx9YU3LFzTEDNXWtU0aH2UVgC5bkRyVdmVKjX878luoluYwhKJFrYoEd9zS+EPDNmNYSoKntDbZoB17iacVEUM4Kg3RAzwStw3L8OO9DlB9NdXUzS8/9wlSy43ddoRRy83FvnvhRNXWScUIQyBolxqyoVvXdLZ2t0PnCdU3Bz2Wkcg24XjwDOR0R0A3780b+VGcsjXtjYxK6xCpNo9l2DqLAfpw+BFusWy6au5U15vfHgR91Lbcd1xtfvJAElI97fR6DGf+HSrtYZe+9gMU1nofibdiNWSJ/Vn+Q== rsa-key-20161212
diff --git a/roles/shellserver/users/files/ssh_keys/thrx b/roles/shellserver/users/files/ssh_keys/thrx
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/thrx
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/thrx
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAqm65UgRA1ZJaGnam+PQiFmXKOKZHAUc5jN8zRQsAaFv5Kgxks857DPBX8eO7Wolh70C/UVXAqYgHS2yg74KKKzyjv2vd/de4vQuC4m24IRWkuGJ6xr+dgqNRMn3YklJ2W/SzMCLIFNWUlM3JnvIPElxrLVMSm9ZCACAvWGgy8uF+vBkJYsmfN5AokyzSZcAUqREBbnsC33erGz50it4Oxn4QpAGWtYBHz+kHz89rZBMbMRAoMyQ1EfnzH076jtufHuTdqibmQRB39GbY8bgJJk0tpntwTvx4pHAnMK6CUwbjtFU03LByYNiIzDjwHXqfwuQZl8WlQjx7oTVNHCJ9fw== rsa-key-20170221
diff --git a/roles/shellserver/users/files/ssh_keys/tomjerr b/roles/shellserver/users/files/ssh_keys/tomjerr
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/tomjerr
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/tomjerr
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7WGzb6h6i8H81nkw0E2PvFwi1yqODeltyGwFQxEwL4+bc75LlbxtpIsxS+D4vkervfGjMwgAJSFOv6uimRhubmp1I2Pf85APTf/a9xXmNzAuNnhR8ur93I08cQ2kKlY19q3EX4H4qj2HizRZxgusG8dYyBWuKuq6P7vIn5zn55IzFJKxCekydAjQsDUTOaio5brLD3sY8IfnWtKWDgrszozUOEqZdquJDS6LBEHHDTpWK/Mzuwd6YkpfdG2GVLwuN6Rj43jNoxcvk2W7oJyJQQ7xSpNR3QIFzTAu9VL9AAv4qak4o2AYpmg8HXsgGR2ARvJ0mFzWw8qy/c/5plPgp tomjerr
diff --git a/roles/shellserver/users/files/ssh_keys/xcombelle b/roles/shellserver/users/files/ssh_keys/xcombelle
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/xcombelle
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/xcombelle
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9KJQDTtuxGCOaeFtip+yel45zMNS4tvrYg0AzNhT22K8g3F8wiY1GKvYw6Czj8Zo+rqA5/Rt7BCQwNtZyI+Nh23Cvg5wZQ2A6dtzQI69HZVSi+FRA5o4/SG4wyp7AT6wuWn+7tTE/pH69D0keDmaNpLSzhkxKFQd2DuOD2BENobEIE9DzbRf2DeUJ15uCzX/mnEXykklYvQ5AontiwL7VNB1VpNebrfnecAaAua0RhuYp+XwxBaSM4KB4lIA6hTBYEOG6J3TaC3GofMtAANI/n8gcCQkadkqtQHrap2Wh9X6bzekwROVGui1TW6sM7+hS4P7PM80nK05iVnGzIfYR xavier.combelle@gmail.com
diff --git a/roles/shellserver/users/files/ssh_keys/xray b/roles/shellserver/users/files/ssh_keys/xray
deleted file mode 100644
--- a/roles/shellserver/users/files/ssh_keys/xray
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/xray
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAzSj3sQYbrBBdceBRUAbuzCS9vZWycVV0OSZ0ofoWx/dOTIalhc3O+aett7J34GqwDgpcTEkEpa/MrlO/2TOGOFIsPlvbZW4fXXFADCbOWkRRNuYW5rv/Sg6ZliGtw4cj0dKEkn9+L/JAuGwKV5KJNTPcp5w8hZyQYczZ8KhcyNVv7mfzLnId03wPnuTTe+AmCTOitbVb3gxjdXDYeS46PkbV8m/23KpcdLigo3ClDwE/SIoA+YddaAbpWDMEwhnWyKmLGI6xkFcqSY1NT0eYnL2waZMEnfluxt+D0V0IT5NeOmQcTuVWPvjFdSKbKepPhdrFmzGNtytfZWoFOPiG+Q== rsa-key-20170119
diff --git a/roles/shellserver/users/init.sls b/roles/shellserver/users/init.sls
--- a/roles/shellserver/users/init.sls
+++ b/roles/shellserver/users/init.sls
@@ -26,7 +26,7 @@
# -------------------------------------------------------------
{% for user in pillar.get('revokedusers') %}
-{{user}}:
+eglide_legacy_{{user}}:
user.absent
{% endfor %}
@@ -34,8 +34,8 @@
# Active accounts
# -------------------------------------------------------------
-{% for user, args in pillar.get('shellusers', {}).iteritems() %}
-{{user}}:
+{% for user, args in pillar.get('eglide_shellusers', {}).iteritems() %}
+eglide_legacy_{{user}}:
user.present:
- fullname: {{ args['fullname'] }}
- shell: {{ shells[args['shell']|default('bash')] }}
@@ -48,30 +48,19 @@
shell:
group.present:
- - system: True
- gid: 200
- members:
-{% for user, args in pillar.get('shellusers', {}).iteritems() %}
+{% for user, args in pillar.get('eglide_shellusers', {}).iteritems() %}
- {{user}}
{% endfor %}
-{% for group, args in pillar.get('shellgroups', {}).iteritems() %}
-group_{{group}}:
- group.present:
- - name: {{group}}
- - system: False
- - gid: {{ args['gid'] }}
- - members: {{ args['members'] }}
-{% endfor %}
-
# -------------------------------------------------------------
# Managed SSH keys
# -------------------------------------------------------------
-{% for user, args in pillar.get('shellusers', {}).iteritems() %}
+{% for user, args in pillar.get('eglide_shellusers', {}).iteritems() %}
sshkey_{{user}}:
ssh_auth.present:
- user: {{user}}
- source: salt://roles/shellserver/users/files/ssh_keys/{{user}}
{% endfor %}
-
diff --git a/scripts/byTasks/repo-maintenance/migrate-ssh-keys.py b/scripts/byTasks/repo-maintenance/migrate-ssh-keys.py
new file mode 100755
--- /dev/null
+++ b/scripts/byTasks/repo-maintenance/migrate-ssh-keys.py
@@ -0,0 +1,114 @@
+#!/usr/bin/env python3
+
+# -------------------------------------------------------------
+# rOPS — migrate SSH keys from file to Salt state
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-11-09
+# Description: Read a dictionary, and for each key, find in
+# a specified folder a data file. Add data from
+# this file to the dictionary. Output in YAML.
+# License: BSD-2-Clause
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Table of contents
+# -------------------------------------------------------------
+#
+# :: Configuration
+# :: YAML style
+# :: Update code
+# :: Run task
+#
+# -------------------------------------------------------------
+
+
+import os
+import yaml
+
+
+# -------------------------------------------------------------
+# Configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+# Where is located the dictionary to update?
+state_file = 'pillar/core/users.sls'
+state_key = 'shellusers'
+
+# Where are located the data fileS?
+data_path = 'roles/shellserver/users/files/ssh_keys/'
+
+# What property should get the data and be added if missing in the dict?
+state_data_property = 'ssh_keys'
+
+
+# -------------------------------------------------------------
+# YAML style
+#
+# Allows to dump with indented lists
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+class SaltStyleDumper(yaml.Dumper):
+
+ def increase_indent(self, flow=False, indentless=False):
+ return super(SaltStyleDumper, self).increase_indent(flow, False)
+
+
+# -------------------------------------------------------------
+# Update code
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+def do_update():
+ state = read_state()
+ update_state(state)
+ print(dump_state(state))
+
+
+def read_state():
+ fd = open(state_file, "r")
+ states = yaml.load(fd.read())
+ fd.close()
+
+ return states[state_key]
+
+
+def update_state(state):
+ for key in state:
+ if state_data_property not in state[key]:
+ state[key][state_data_property] = read_data(key)
+
+
+def read_data(key):
+ path = data_path + key
+
+ if not os.path.exists(path):
+ return []
+
+ return [line.strip() for line in open(path, "r") if is_value_line(line)]
+
+
+def is_value_line(line):
+ if line.startswith("#"):
+ return False
+
+ if line.strip() == '':
+ return False
+
+ return True
+
+
+def dump_state(state):
+ return yaml.dump({state_key: state},
+ default_flow_style=False,
+ Dumper=SaltStyleDumper, width=1000)
+
+
+# -------------------------------------------------------------
+# Run task
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+do_update()
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sun, Dec 22, 06:20 (20 h, 1 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2310378
Default Alt Text
D1187.id3038.diff (69 KB)
Attached To
Mode
D1187: Provision users and groups to servers
Attached
Detach File
Event Timeline
Log In to Comment