Page MenuHomeDevCentral

No OneTemporary

diff --git a/.editorconfig b/.editorconfig
index a59c4ee..0ec81b9 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -1,22 +1,22 @@
# EditorConfig - http://EditorConfig.org
root = true
[*]
end_of_line = lf
trim_trailing_whitespace = true
insert_final_newline = true
charset = utf-8
# 4 space indentation
[*.{conf, php, py, sh}]
indent_style = space
indent_size = 4
# 2 space indentation
-[*.{sls,jinja,json,yml}]
+[*.{sls,jinja,json,yml,yaml}]
indent_style = space
indent_size = 2
# Tab indentation (no size specified)
[Makefile]
indent_style = tab
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..008af35
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+__pycache__
+*.pyc
+*.pyo
diff --git a/GIDs b/GIDs
index 94fdfd2..c925a97 100644
--- a/GIDs
+++ b/GIDs
@@ -1,6 +1,9 @@
827 chaton-dev
828 deployment
829 nasqueron-irc
+3001 ops
+#3002 is intentionally left unassigned
+3003 deployment
9001 salt
9002 deploy
9003 web
diff --git a/_modules/forest.py b/_modules/forest.py
new file mode 100644
index 0000000..a7c4763
--- /dev/null
+++ b/_modules/forest.py
@@ -0,0 +1,105 @@
+# -*- coding: utf-8 -*-
+
+# -------------------------------------------------------------
+# Salt — Forest execution module
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-10-11
+# Description: Functions related to forests
+# License: BSD-2-Clause
+# -------------------------------------------------------------
+
+
+def exists(forest):
+ '''
+ A function to check if a forest exists.
+
+ CLI Example::
+
+ salt '*' forest.exists eglide
+ '''
+ return forest in __pillar__.get('forests', [])
+
+
+def get():
+ '''
+ A function to get the forest of the current minion
+
+ CLI Example::
+
+ salt '*' forest.get
+ '''
+ nodes = __pillar__.get('nodes')
+ minion = __grains__['id']
+ return nodes[minion]['forest']
+
+
+def list_groups(forest=None):
+ '''
+ A function to list groups for a forest.
+
+ CLI Example::
+
+ salt '*' forest.list_groups
+ '''
+ if forest is None:
+ forest = get()
+
+ groups = __pillar__.get('shellgroups_ubiquity', [])
+
+ groupsByForest = __pillar__.get('shellgroups_by_forest', {})
+ if forest in groupsByForest:
+ groups.extend(groupsByForest[forest])
+
+ return groups
+
+
+def get_groups(forest=None):
+ '''
+ A function to get groups for a forest as a dictionary,
+ including the group properties.
+
+ CLI Example::
+
+ salt '*' forest.get_groups
+ '''
+ groups = {}
+
+ for groupname in list_groups(forest):
+ groups[groupname] = __pillar__['shellgroups'][groupname]
+
+ return groups
+
+
+def list_users(forest=None):
+ '''
+ A function to list groups for a forest.
+
+ CLI Example::
+
+ salt '*' forest.list_users
+ '''
+ users = []
+
+ for group in get_groups(forest).values():
+ if "members" in group:
+ users.extend(group['members'])
+
+ return list(set(users))
+
+
+def get_users(forest=None):
+ '''
+ A function to get users for a forest as a dictionary,
+ including the users properties.
+
+ CLI Example::
+
+ salt '*' forest.get_users
+ '''
+ users = {}
+
+ for username in list_users(forest):
+ users[username] = __pillar__['shellusers'][username]
+
+ return users
diff --git a/_tests/Makefile b/_tests/Makefile
new file mode 100644
index 0000000..b15e9f0
--- /dev/null
+++ b/_tests/Makefile
@@ -0,0 +1,3 @@
+test:
+ python -m unittest discover modules
+
diff --git a/_tests/data/forests.yaml b/_tests/data/forests.yaml
new file mode 100644
index 0000000..2fb6208
--- /dev/null
+++ b/_tests/data/forests.yaml
@@ -0,0 +1,29 @@
+forests:
+ - brethil
+ - fangorn
+ - lothlorien
+
+nodes:
+ egladil:
+ forest: lothlorien
+ entwash:
+ forest: fangorn
+
+shellgroups_ubiquity:
+ - ubiquity
+
+shellgroups_by_forest:
+ lothlorien:
+ - caras_galadhon
+
+shellgroups:
+ ubiquity: {}
+ caras_galadhon:
+ members:
+ - amdir
+ - amroth
+
+shellusers:
+ amdir: {}
+ amroth: {}
+ galadriel: {}
diff --git a/_tests/mocks/dunder.py b/_tests/mocks/dunder.py
new file mode 100644
index 0000000..3bfafe8
--- /dev/null
+++ b/_tests/mocks/dunder.py
@@ -0,0 +1,26 @@
+class dunder:
+
+ def __init__(self):
+ self.data = {}
+
+ def get(self, key, default=None):
+ if key in self.data:
+ return self.data[key]
+
+ return default
+
+ def set(self, key, value):
+ self.data[key] = value
+
+ def __iter__(self):
+ for key, value in self.data.items():
+ yield [key, value]
+
+ def __getitem__(self, key):
+ if key not in self.data:
+ raise KeyError
+
+ return self.data[key]
+
+ def __setitem__(self, key, value):
+ self.data[key] = value
diff --git a/_tests/modules/test_forest.py b/_tests/modules/test_forest.py
new file mode 100644
index 0000000..274e085
--- /dev/null
+++ b/_tests/modules/test_forest.py
@@ -0,0 +1,53 @@
+import imp
+import unittest
+
+
+salt_test_case = imp.load_source('salt_test_case', "salt_test_case.py")
+forest = imp.load_source('forest', "../_modules/forest.py")
+
+
+class Testinstance(unittest.TestCase, salt_test_case.SaltTestCase):
+
+ def setUp(self):
+ self.initialize_mocks()
+ self.instance = forest
+
+ self.mock_pillar('data/forests.yaml')
+
+ self.mock_grains()
+ self.grains['id'] = 'egladil'
+
+ def test_exists(self):
+ self.assertTrue(forest.exists('lothlorien'))
+ self.assertFalse(forest.exists('notexisting'))
+
+ def test_get(self):
+ self.assertEqual("lothlorien", forest.get())
+
+ def test_get_when_key_not_exists(self):
+ self.grains['id'] = 'notexisting'
+ self.assertRaises(KeyError, forest.get)
+
+ def test_list_groups(self):
+ self.assertEqual(['caras_galadhon', 'ubiquity'],
+ sorted(forest.list_groups()))
+
+ def test_list_groups_when_there_are_none_for_the_foreest(self):
+ self.grains['id'] = 'entwash'
+ self.assertEqual(['ubiquity'], forest.list_groups())
+
+ def test_get_groups(self):
+ self.assertEqual(['caras_galadhon', 'ubiquity'],
+ sorted(forest.get_groups().keys()))
+
+ def test_list_users(self):
+ self.assertEqual(['amdir', 'amroth'],
+ sorted(forest.list_users()))
+
+ def test_get_users(self):
+ self.assertEqual(['amdir', 'amroth'],
+ sorted(forest.get_users().keys()))
+
+
+if __name__ == '__main__':
+ unittest.main()
diff --git a/_tests/salt_test_case.py b/_tests/salt_test_case.py
new file mode 100644
index 0000000..2552b62
--- /dev/null
+++ b/_tests/salt_test_case.py
@@ -0,0 +1,30 @@
+import imp
+import yaml
+from mock import patch
+
+
+class SaltTestCase:
+
+ def initialize_mocks(self):
+ source = imp.load_source('dunder', "mocks/dunder.py")
+ self.pillar = source.dunder()
+ self.grains = source.dunder()
+
+ def import_data_from_yaml(self, filename):
+ with open(filename, 'r') as fd:
+ return yaml.load(fd.read())
+
+ def mock_pillar(self, filename=None, target=None):
+ if not target:
+ target = self.instance
+
+ if filename:
+ self.pillar.data = self.import_data_from_yaml(filename)
+
+ target.__pillar__ = self.pillar
+
+ def mock_grains(self, target=None):
+ if not target:
+ target = self.instance
+
+ target.__grains__ = self.grains
diff --git a/pillar/core/groups.sls b/pillar/core/groups.sls
new file mode 100644
index 0000000..5c95fc3
--- /dev/null
+++ b/pillar/core/groups.sls
@@ -0,0 +1,90 @@
+# -------------------------------------------------------------
+# Salt — Users accounts list
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-11-09
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Users groups
+#
+# These groups will be deployed on each servers if included in
+# shellgroups_ubiquity or in some servers forests if included
+# in the state shellgroups_by_forest.
+#
+# As for users, the mere fact to add a group here is a no-op.
+# These mapping are defined in the forests.sls pillar file.
+#
+# Sort the groups by GIDs.
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+shellgroups:
+ shell:
+ gid: 200
+ title: Eglide shell users
+ description: >
+ Provide an account to use on the Eglide shell hosting project servers.
+ members:
+ - akoe
+ - amj
+ - ariel
+ - axe
+ - c2c
+ - chan
+ - dereckson
+ - erol
+ - harshcrop
+ - hlp
+ - kazuya
+ - khmerboy
+ - kumkum
+ - pkuz
+ - rama
+ - rashk0
+ - ringa
+ - rix
+ - sandlayth
+ - shark
+ - thrx
+ - tomjerr
+ - xcombelle
+ - xray
+ chaton-dev:
+ gid: 827
+ description: Manage Bonjour chaton service
+ members:
+ - hlp
+ nasqueron-irc:
+ gid: 829
+ description: Manage IRC bots used for Nasqueron projects
+ members:
+ - dereckson
+ - sandlayth
+ ops:
+ gid: 3001
+ title: Nasqueron Operations
+ description: >
+ Maintain the servers infrastructure. As such, members of this
+ group have a root access everywhere.
+ members:
+ - dereckson
+ - sandlayth
+ deployment:
+ gid: 3003
+ title: Nasqueron Deployment
+ description: >
+ Build softwares to be installed on the servers.
+ Deploy web sites and services files.
+ members:
+ - dereckson
+ nasquenautes:
+ gid: 3004
+ title: Nasqueron servers users
+ description: >
+ Provide an account on Nasqueron development servers.
+ members:
+ - dereckson
+ - kumkum
+ - rama
+ - xcombelle
diff --git a/pillar/core/users.sls b/pillar/core/users.sls
new file mode 100644
index 0000000..57ab4a1
--- /dev/null
+++ b/pillar/core/users.sls
@@ -0,0 +1,165 @@
+# -------------------------------------------------------------
+# Salt — Users accounts list
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-11-08
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Users accounts
+#
+# shellusers:
+# When an account isn't included in a group, this is a no-op.
+# As such, users hereby listed don't have access to any server.
+#
+# revokedusers:
+# Users in this list will be removed from the servers.
+#
+# To rename an user:
+# Edit the username in the shellusers section,
+# add the former username to the revokedusers list.
+#
+# Sort the accounts by their username alphabetic order.
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+revokedusers:
+ # Account renamed to erol // T808
+ - fedai
+ # Temporary test account // D608, D609
+ - amjtest
+ # Account renamed to sandlayth // T789
+ - kalix
+ # Users who never have connected to Eglide's accounts (SSH key issues)
+ - tarik
+
+shellusers:
+ akoe:
+ fullname: akoe
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyffI4KDYcnVYJKLIUcVhi0gtjaGPHFs7lJMyYn2RSEmRBoMyz7leZ+vbxC1I0BxiAs20JAAVKDFs+XsWSlKjVSXO++giTZCC2mnaQRR31cRiBXLqm7SZylAGMZiVeWgy9iOZTHQg0oOmE7z5P9hBIpLgScn9qmFKOI9iQwOrYa1u5G9H7qopdW5HdlZ9RDTzHDXQr6byc9Hk7NmycVhnry7WLKvVsSFCsJ2AjBXxB3Ck6CUhF/si8tCAA6EgRs8c+vh8hevUjprDc1rD++THhY/c5esFh5KxyLRr3dCq8QZ7zaJBWkgxXevPKmSlL/zEpyhtTG2CMUeRwURUmByp5 akoe
+ uid: 2024
+ amj:
+ fullname: Amaury J.
+ shell: zsh
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHRDb+9juQM0Dr/lUKwVF0iYid6iZbO8ZFqshxklaIpnzOgKqpkjEE7JhgegDZW+zH+WqlvKXC0ce6KkHAbmCsnu3wdXVkKS2IAfLCa6rQYMXFc8GYU929UMj4LilVCgDi2sXEOSTI6uh2yc8WkVGEOguMt9E7f5za44q+kJGnLJRK/1gu/1eDbCOe/dFfZg7o4hBlMrFcCbb2r+iUevOj92K7jJcYm8x3wmt4FTJbh5/6LJ3lgstLWYmY2jzbxKeJ1ONGg9e1tDNqkKMHcsvMeEyMTdGykYYhEI7tGMoEoxJQIWILpO0h7o8dnxvm6jC7lfBYbZtZttBPBkEsac+RUCX2Zejib0GioOnOXCKSqdk383ZXbyXIHogCn8ya2R/399Fw/40QVTFTvX8A1alSXQUJShA2RgWucPkSaufUKu3uSjGN4pUdtAkuSdcs/78mbQZkGOs29YdVSZIR5TbTld2uPiID6VLu1oLZtoEPvCrr7G5fDv02P7DR7YPKcouMyJwHswWwIQ/WKPawdDNdGEw0Cr8It0dRpI7nNZh79hdlJsqSNa1ezND4qfbm89SlmwpkypaualzvUnxfffW4hpAJp4Y1M7CNkNWLO3mdM1z/5y7vZgIzKURAClCE6h/pJASnZjA/BBxoXg5fgDf+nEGx652GaKIEtyF3PdIoFQ== am@gentam
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCTQ7Tt/wm+eDc6bTbWX2HHQbdMJVS40mlEfit6usDGKb9PUDtV2pn1KumnsevFge3OArnCLDqp0pmIuMy8loMjyyFeMMsrMNvE4i1Zl/xXcss3siwlqzMDozGBpxC3jMielUnm64BMCtnURfFZsIZfnpZoG6jsfLKWUSKJro9SNrxQptnSH5xkvEOF7gZS8HTkEvjE1sgfIEabZrYIIo5nLrz9yxmuiHIOqx1uyhJGw1dr4pJSGAMcYGGOpfy8uOy80+46MUW8ZtpSTspaTiHnUgs7gSPyCThrgdiNjiAj+mAeUKYytQDt5MQxp0FbUvv34bCJ9Q8G7hXVqBaXO7N/wyyiJ2WL8BbfZhoKM0vmn/oaYmomdlWF08YmkJyeqvf0N9/s6gyzjdj7Aqihi/02YiOqdL5m5WZAREiqIGo/HtlpCoShiqtNn545mD+KwanMdJbJp8ALn7yjJJEKpXVCcUaZOPR7kTF4fZ0eUTuVH3SeyCf3z3OpZ55MeGOkjKfVRkHS6FJ9Uhkjxi0K/2apROB/XCtS0Bv3AjOxt7f7HvabmYzx3J/43JLFKK5BkmqTBGUTowKU/40kxbWug1MAnSzbmDEucZ/eu34SE4R2oXarLrflH9kAIZ6+cftMpAAOKd5VVHeVJKnl4MTSU4C67iwsVpVoJ+mQOPHsf5Ekuw== am@debian-am
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0zIEBYPoa9jQLE1+vRv3oMCwn5VM1EpwCb/K5Utqb1+VOpamWEFy3tkJrkppKFxjst+rDl5ztPLKal6LMURuOQhcGmVux+hJM/ucVtzvx/LHJsBmFsZGRJ2Y2cUXwDzedWqvJybzDhLWcuxPSdvIIiv7bTCLLSIatwsGEnDJ1ffSRgkcrXAd8Pu6/ghPAQwkpIv+POB6kvu5mDHcV5xqliMvI3C4pznheFX603WZ4qA2n0sokQ+2bHSDQHZqziGw4vwQc692JauVEHUDoznTGgMlzuiC2f7Aw1q2V9WFPvOifSr+uhTU8DCDlnssSZ/3m7dnh0soFVodju3s2Wpr32fWocyNqay6FDRYQLuFPziGqlQ6wMJE6nDXr+dYTwZm6ktMGp12/Go3KROCr06Q23JSrT5uaQ+UImoU1Y6veejpU34uo1kMQnoV16OsYARa0Aza5S9S8I3evIOGxPGNAsTb+mlylRwqUm7QSpQGpn3ov7fefG4EvH6ytQlZDAou9GyaeVFfhToqQ8cSqyDU4MOLTfILXTB2tjIRnIjs9U0B6Vczv/sZ9rp/614A5mzXapsfhDyx4FieDtVkr/gFNhI1s3f8y5VJcvL7NX2ggeaqq+kfHkIxAwUUjaVCLB+E3LgUeTG5bzz/ErZbRuDqTKpHUaHKinTNoObR9xpz7+w== amj@dwabyam
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCCKtSulhB9uva1RYOtwcLMcO+1V5oGti50OXntqG0OZfEauz/oLTQpt+nkKYNUN6MazL+9ienYQ8ZZPgZbOs9WGh0acxBcPM5Dw5b0ZWEJ8h9Dk2M7P144aeRS/HuHVvc/JyI3+gYHgqWGe5ycEzlrFeegX7/Zr76eaFDQPGMnsJCFZVga24TiSPiEBTuyszq0/emsLJe41zFY4J6Y2kbaWuJYbiAvA0mZAD+g6+ltEa6vdUOF1BI2kTPFeKXc2dCnbaJAz00I437zUGdaU4533iyLHygxLPjAsjxO8q4f163VR7Rd2jibvRUW2EXgVoY1mJjkNwi2XLQCCwgG/6G8IuQaMjPAx0v7bf+vAJ3x+esJtVFNa55sgU7uHWPaRAwtovspCFBpTRIsp6J5f+1WLqWQVBVBZHdR+5PC2H5Zwb5Hq33Jn8ksQoPMCWcbIbjgF78a/B4LgtsJpA2x8cGJi6p1DEKT5bC6ROGMxqPwA8pFgI3+0X5ukZvTMDH7BjiXkbdyCaFfwo7UofRrPHIUyPAYh/XD7rUddc/6rjVBzmkXTeyYvevOOlmTxM5BDJZI/w6Gc2/XQchCDoWT9ttw7VWX19fHaHtx8KE/I8JaSS5hW77Kl3PzWJxewOAcJMh9HNza3jBgqZFTHktPCPUBZbsjD27YWJcYPrhzpQErQ== amj@thinbiam
+ uid: 2005
+ ariel:
+ fullname: ariel
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwaTYlLZ90/oQ5tDYDkhI2mHa1L6Vh+zcekCt8D08N7/CrFI5sUVteTwMWw2ytQlWnyT3HVgHb4IS1EPjpjyuqseRcNW0HYsqBk3E36PCBQIqjLZ0nDAeHQtm6T6pXiKC5qUppghwrvDxVYFpF3lFzAzfYMrF7iugk0xRPTHZWm8df7dqIB/6FfbxSD95yQVAlJefxoFWbo3Yn+exEZQvWv6lQYXnjV5DSwMf8tPGDkc2DRjrnR52ZrXPRZFCqc9JGkA/l8QsYtjmqJdnOgq5raOb56aRulJYdP2j//B4lRJJlglMuj8dSZE/j04zub+P2QhfdqeEHmeaTUqbwcnZZw==
+ uid: 2021
+ axe:
+ fullname: axe
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjrcYXZ2/bfTdxVI1ZMXknB7WJa8uY1RLZ5Vrs2LPRTzBqaXzpY6/Iw5Ibiy8KMbVo/vQtAWrGY00ucHE+swS2VEtWIZc72kSznkL65bKtqHbZa+IqktRUBsg6ay/3Xups0DBfZ1T+SRSiLh0rya1dXd2NyIrvSo5eCxEPqAPm87rOrgC95GRxqlJUZ5ZOjV92K9v6TcTQWn61nGl2DQviAugNGtHGXhq0Xk98lWkLeGhDLedJOqFmHvqGrkSQpEps7ivlh3Mstv49pXqH1dIA7UhnyX5DTR6YjhIKehZnCfsl8wt6FMCs5QMor1giY4ZpUhY2D4ezvzFD2kqbOUvQQ== 2017-06-14
+ uid: 2019
+ c2c:
+ fullname: c2c
+ shell: fish
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyoC7ekLYc7nsd1QsgfdEatYw1FC7z92miIdXvx0n8O c2c@ender
+ uid: 2012
+ chan:
+ fullname: Chanel
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvDcmKHfTrCBRpjJxYyIELMRknrMpDXfcKDhfXqmB09 chan@Calculon
+ uid: 2009
+ dereckson:
+ fullname: Sebastien Santoro
+ shell: zsh
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBzD5VzetMFTUHLWrLyBsnZ6bdwDa4Ip9WWAh5nLxKyR dereckson@ysul.nasqueron.org
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIURiX8gBIv91sxutRQeESip7Ympmqe6miepoNDvXpZ9 dereckson@orin.dereckson.drake
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFGIYBdz8pW4vaSyA/QPlcU81uLI8SHoq7I+K6FPO9oh dereckson@graywell.dereckson.drake
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGV4p25jLQQHLgKH1SawoNLKuxkfyHuERRDUN9QZ7i5m dereckson@yakin.dereckson.drake
+ uid: 5001
+ erol:
+ fullname: Erol Unutmaz
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDdHrSRJGwaGFTpoZIvkoWTMpnXgke77emVicMT8b37kcUepeD91pA3UPQ7UOEQl/Af3Ly7ePneymZ6NjAkM06oPeIjxE6Nz+i6p7rVIZhCb9qz+hdKgt4wSEQLWponegFNdCUs6HvMjDGlsI0kajHgIakXiKAwNyxhQzpBoGranO9c2PdAq2HGq7Kcq8ApC1kdKG0W3dT4PWborzmt1jWna2yosEn+TTHj5wi2p/E9BsCbmfokBO3xn491lr1P4shh4zg7Mv3SPD3j4/mZb9EMwD8cl4y9ZIoMEbL8p4s8J7Joqs3gK9hmMN5ZCNUFrNrJu3TCRZre2k7cV3+U3IXT erol@fedai
+ uid: 2002
+ harshcrop:
+ fullname: Harsh Shah
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1ANaxVViiL8s2KTdb+p4FWBBZjXz3zH9/es0SSLuXzCjcs1opEeMeb4roQWWgxrZ3j0aOJAj0smSP1THtrwW1xUE5DidmueuqokgbQuvkrsvcDaJYbNjUr/3fAw7/JcWgh4lSSxCLgflpjBr5aTlMQZj/KPrGnlzjr/hPvb8cAomS2HD+hLuC2z26cvOhY811scTZWMoBrxSkmrXOTkutRdZm+TrYJyZy7xQ9ncfsARYzrOZ4be+0mfb6i4tJfMbBvadSu/gyJdOLCfV5SxdjpMLPqIXO9hWkRKYH8SFX5ZWVw8C06iJWcnFCIw1YMTFYe1MNqV8YICiYUmJ2CWaL harshcrop@Harshs-MacBook-Pro.local
+ uid: 2020
+ hlp:
+ fullname: hlp
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIP+04Jhq2toJ+RLx41NKrtDGgmSCfOsAY/BnJ6EzNXC hlp@sonny
+ uid: 2018
+ kazuya:
+ fullname: Kazuya
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCtCcRQ6HVKD5mj602UJkpI/TMGVt1R0yYx1HxP6SWJb6FM2E4wzkxtf0sp2cxW/9Lz/0OsQV8fSSo/qfUhQXfRcL+rxsM+iixD0WMffMC8CrqsYS+VV32HR2sIm8J7yyMweJrfYneErdFisGmMgOFw8vBGX01XfdwGqbSflf3Tal7L3R0g65rclGsg7JckWE6RQMXnvGwXQxv4QahaNtZK74AlyeFgsXYlv14UeaGE4Pz+rkgZKoC4tvAOBQMNxWtCPMcydJOacoCZO7Jcxv0jMUo0y26mulQ6vbz5hqAPS612c47gh8VNDDkQaznQMeiSyIlnvDEkHmzvC8Z3UAeJ eglide
+ uid: 2004
+ khmerboy:
+ fullname: khmerboy
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAxg4+y6QxyyeHvmcWHy5Q9pjh8YBNC+Q1w3+QHWH/7WKw9odKHgtpu2hixfOeZl5k/E9+XPw2oGmQzs3pInz/yyegGB57kb3xAftqJkHVuBKsrz+7q3fPjnoqk3VZ62k5II3oqEEjizdVhEVacU+149m3LJWo+FKoRAKxlX39KwEM+UMDfynck7OJvKRWTTP/cbPzR7kaMifQLWZF6stFilRnYBAesK2DzLgO37DovwxmQO1CbBuitgsHwLDXGW0gePyC39REIrntZSte1xdlEfC27rQnXcH3YPcTm9bwNBXnK1Jiwfp3fJ6q6FIz9IaybhO6CGNOOODHN4R4DTbbfQ== rsa-key-20170922
+ uid: 2023
+ kumkum:
+ fullname: Kumkum
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnCIiESqqsGOhaS16jwboLplQIP0FwKMhk0oRF7EP55 kumkum@kumkum-E200HA
+ uid: 2008
+ pkuz:
+ fullname: PK of UZ
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHIngmKZJUTBgps2LpfrjFwMtW8U5Zd0olKnmG0YZbApN9UHmiVKw6ow0U+KxI6kYGrNi6acKRnZHrnip8io8swW8PnLsgFKoCO2Ywrz/uDFaNJIVdTiNNB1Msm4dd2SiRwtn09SUVwSKBIFQFEoPG7q7v1OgvhIAk13/qbrOV+u6ZgoY8ssYH7qlRElAc4cptjtTen63f87wHFUN65T70ce6nFxOsZfTrB5Y+O7DTO25y7RV6q7CXq+i1uxJutDWDOLhb+dAqQHb5JEqBTF+CElyZtJtK+GxiXfMTWTyNBlv/4up/fRDMRxZ1F69Wowjn3MSnvsFgqxhwxW6Fksr7
+ uid: 2022
+ rama:
+ fullname: Rama
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIADXRCZ9fFZJAJLOF0PakwhuU9b5Ne4PPr7ESwJzYndn
+ uid: 2013
+ rashk0:
+ fullname: Rashk0
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJKU6dVl19vQFPMUWS2iGRzBV1uD9YEaMijBkY2oPYjwhFXc1fouGGr17kkSK9D0c4pr9A6jk/gH9GWE5SpwaZY94VK5QfdvHpyA1hLevdUc4mwuIbsMp893kr0e9Miys1/v+UdFhUq0n3rWiER3oo9rJjx3qloBqSfD18y3sCFTyM1AheVMp7E71kgViG7wWtHrkmnrBo3V5ENc2snTCQy7lF7eQ5a6D45a5n2KYV94YrMvGDbfYUnw8IJHNN6XB1KBK6mksbm2p6fc3ow0UJDOK3bfJNUkp9tfRJV/EeYxGPYJRE60Ng2Dqc3zZaH7FDgbBLoK0UwGURQozNSQT campari@Beta
+ uid: 2003
+ ringa:
+ fullname: Ringa
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiTobf2i/IveVlpdntX9M6p9rOe60HuODq5FslTIFxA/RwKQbJKafCQZ3ci+Pt9BKAKtBGSJANNfbxxN7VRB+iO6UZUh2Qjb012CfigC5g1r9MEryqh8LBP27NqTkCqjMZrwUa6pYMBG1/ydbOA0BIr3C72QfpXC/qCSvXNgQzL7DGSR7cgjhGvMDn5ewJuxsvXAcajMLEORxeYooONG9ELGRUMFI4WcX6gmiYcrMVsMF+7ByshIngV5v9esWadi+RdTWUVOYt2yVS7hkYHZwUX/bN1AOfkRiuD1w3DFFiHhSoquCwaOOZjKxAw6VOrV6O/toLGe0kXXfRFzeB29/1w== rsa-key-20170111
+ uid: 2010
+ rix:
+ fullname: Rix
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjFnOi4rwBVdw69U9y1xgWXrfNNgxEXAmbXthzHae07COwN190xoWv8VeogKxfMdxE2Tj4E0BDFt2i7Jbk9BploFdNXG46lrnoszmgRsuRx5jERfvMyOPvCAQHbL0N53AL6zH9wXF/51a5bJJ3n4wkmO1nDj9WqrDNk0in+knICiPHQX4TxwRXqBuf61gQMxwy8Aoy1WCCfCeAesZxjdFM47C6X3PPHVaXvF6x6iX8OzIHqoVT18yQAQxbET+PWMtlmNFJFx76+Sov4eQm/d2KeRg0aqw49gKLpigYnHfd2uitmSQixBNl5jyvDMoR92vZmZnScmqA9cXQikQ9HCW6Q== rsa-key-20170110
+ uid: 2007
+ sandlayth:
+ fullname: Yassine Hadj Messaoud
+ ssh_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL4H4SF3NZ0/o5uTYhIUKUEzP7hlZ0mGqMxs6wt/dhQs kalix@arch-laptop
+ uid: 5002
+ shark:
+ fullname: Shark
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjKehL1PdhcpLNiGdWLuVCUpNawUhQoxon3nmhZm/B+oU2nwygqvx9YU3LFzTEDNXWtU0aH2UVgC5bkRyVdmVKjX878luoluYwhKJFrYoEd9zS+EPDNmNYSoKntDbZoB17iacVEUM4Kg3RAzwStw3L8OO9DlB9NdXUzS8/9wlSy43ddoRRy83FvnvhRNXWScUIQyBolxqyoVvXdLZ2t0PnCdU3Bz2Wkcg24XjwDOR0R0A3780b+VGcsjXtjYxK6xCpNo9l2DqLAfpw+BFusWy6au5U15vfHgR91Lbcd1xtfvJAElI97fR6DGf+HSrtYZe+9gMU1nofibdiNWSJ/Vn+Q== rsa-key-20161212
+ uid: 2006
+ thrx:
+ fullname: ThrX
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAqm65UgRA1ZJaGnam+PQiFmXKOKZHAUc5jN8zRQsAaFv5Kgxks857DPBX8eO7Wolh70C/UVXAqYgHS2yg74KKKzyjv2vd/de4vQuC4m24IRWkuGJ6xr+dgqNRMn3YklJ2W/SzMCLIFNWUlM3JnvIPElxrLVMSm9ZCACAvWGgy8uF+vBkJYsmfN5AokyzSZcAUqREBbnsC33erGz50it4Oxn4QpAGWtYBHz+kHz89rZBMbMRAoMyQ1EfnzH076jtufHuTdqibmQRB39GbY8bgJJk0tpntwTvx4pHAnMK6CUwbjtFU03LByYNiIzDjwHXqfwuQZl8WlQjx7oTVNHCJ9fw== rsa-key-20170221
+ uid: 2014
+ tomjerr:
+ fullname: Tommy Aditya
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7WGzb6h6i8H81nkw0E2PvFwi1yqODeltyGwFQxEwL4+bc75LlbxtpIsxS+D4vkervfGjMwgAJSFOv6uimRhubmp1I2Pf85APTf/a9xXmNzAuNnhR8ur93I08cQ2kKlY19q3EX4H4qj2HizRZxgusG8dYyBWuKuq6P7vIn5zn55IzFJKxCekydAjQsDUTOaio5brLD3sY8IfnWtKWDgrszozUOEqZdquJDS6LBEHHDTpWK/Mzuwd6YkpfdG2GVLwuN6Rj43jNoxcvk2W7oJyJQQ7xSpNR3QIFzTAu9VL9AAv4qak4o2AYpmg8HXsgGR2ARvJ0mFzWw8qy/c/5plPgp tomjerr
+ uid: 2001
+ xcombelle:
+ fullname: Xavier Combelle
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9KJQDTtuxGCOaeFtip+yel45zMNS4tvrYg0AzNhT22K8g3F8wiY1GKvYw6Czj8Zo+rqA5/Rt7BCQwNtZyI+Nh23Cvg5wZQ2A6dtzQI69HZVSi+FRA5o4/SG4wyp7AT6wuWn+7tTE/pH69D0keDmaNpLSzhkxKFQd2DuOD2BENobEIE9DzbRf2DeUJ15uCzX/mnEXykklYvQ5AontiwL7VNB1VpNebrfnecAaAua0RhuYp+XwxBaSM4KB4lIA6hTBYEOG6J3TaC3GofMtAANI/n8gcCQkadkqtQHrap2Wh9X6bzekwROVGui1TW6sM7+hS4P7PM80nK05iVnGzIfYR xavier.combelle@gmail.com
+ uid: 2017
+ xray:
+ fullname: xray
+ ssh_keys:
+ - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAzSj3sQYbrBBdceBRUAbuzCS9vZWycVV0OSZ0ofoWx/dOTIalhc3O+aett7J34GqwDgpcTEkEpa/MrlO/2TOGOFIsPlvbZW4fXXFADCbOWkRRNuYW5rv/Sg6ZliGtw4cj0dKEkn9+L/JAuGwKV5KJNTPcp5w8hZyQYczZ8KhcyNVv7mfzLnId03wPnuTTe+AmCTOitbVb3gxjdXDYeS46PkbV8m/23KpcdLigo3ClDwE/SIoA+YddaAbpWDMEwhnWyKmLGI6xkFcqSY1NT0eYnL2waZMEnfluxt+D0V0IT5NeOmQcTuVWPvjFdSKbKepPhdrFmzGNtytfZWoFOPiG+Q== rsa-key-20170119
+ uid: 2011
diff --git a/pillar/nodes/forests.sls b/pillar/nodes/forests.sls
new file mode 100644
index 0000000..b386585
--- /dev/null
+++ b/pillar/nodes/forests.sls
@@ -0,0 +1,46 @@
+# -------------------------------------------------------------
+# Salt — Forests
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-10-20
+# Description: Groups nodes by forest to allow to apply
+# a common configuration, like users/groups
+# to a set of nodes (ie servers).
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Table of contents
+# -------------------------------------------------------------
+#
+# :: Forests
+# :: Shell groups
+#
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Forests
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+forests:
+ - nasqueron-dev
+ - nasqueron-infra
+ - eglide
+
+# -------------------------------------------------------------
+# Shell groups
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+shellgroups_ubiquity:
+ - ops
+ - deployment
+
+shellgroups_by_forest:
+ nasqueron-dev:
+ - nasquenautes
+ - nasqueron-irc
+ nasqueron-infra: []
+ eglide:
+ - shell
+ - chaton-dev
+ - nasqueron-irc
diff --git a/pillar/nodes/nodes.sls b/pillar/nodes/nodes.sls
index ec694d9..32feac3 100644
--- a/pillar/nodes/nodes.sls
+++ b/pillar/nodes/nodes.sls
@@ -1,59 +1,59 @@
# -------------------------------------------------------------
# Salt — Nodes
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-10-20
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
nodes:
##
## Forest: Nasqueron
## Semantic field: https://devcentral.nasqueron.org/P27
##
dwellers:
- forest: nasqueron
+ forest: nasqueron-infra
hostname: dwellers.nasqueron.org
roles:
- paas-lxc
- paas-docker
network:
ipv6_tunnel: True
equatower:
- forest: nasqueron
+ forest: nasqueron-infra
hostname: equatower.nasqueron.org
roles:
- paas-docker
network:
ipv6_tunnel: False
ysul:
- forest: nasqueron
+ forest: nasqueron-dev
hostname: ysul.nasqueron.org
roles:
- devserver
- saltmaster
- dbserver-mysql
zfs:
pool: arcology
network:
ipv4_interface: igb0
ipv4_address: 163.172.49.16
ipv4_gateway: 163.172.49.1
ipv6_gateway: 2001:470:1f12:9e1::1
ipv4_aliases:
- 212.83.187.132
ipv6_tunnel: True
##
## Forest: Eglide
## Semantic field: ? (P27 used for "Eglide" too)
##
## This forest is intended to separate credentials
## between Eglide and Nasqueron sevrers.
##
eglide:
forest: eglide
hostname: eglide.org
roles:
- shellserver
network:
ipv6_tunnel: True
diff --git a/pillar/top.sls b/pillar/top.sls
index ec4910a..1fa13c8 100644
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -1,20 +1,19 @@
# -------------------------------------------------------------
# Salt configuration for Nasqueron servers
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2016-04-10
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
base:
'*':
- core.hostnames
+ - core.users
+ - core.groups
- certificates.certificates
- nodes.nodes
+ - nodes.forests
ysul:
- paas-jails.jails
- webserver-legacy.sites
- eglide:
- - users.revokedusers
- - users.shellusers
- - users.shellgroups
diff --git a/pillar/users/revokedusers.sls b/pillar/users/revokedusers.sls
deleted file mode 100644
index 89485d5..0000000
--- a/pillar/users/revokedusers.sls
+++ /dev/null
@@ -1,21 +0,0 @@
-# -------------------------------------------------------------
-# Salt — Revoked users accounts list
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# Created: 2016-04-10
-# License: Trivial work, not eligible to copyright
-# -------------------------------------------------------------
-
-# -------------------------------------------------------------
-# Users accounts
-# -------------------------------------------------------------
-
-revokedusers:
- # Account renamed to erol // T808
- - fedai
- # Temporary test account // D608, D609
- - amjtest
- # Account renamed to sandlayth // T789
- - kalix
- # Users who never have connected to Eglide's accounts (SSH key issues)
- - tarik
diff --git a/pillar/users/shellgroups.sls b/pillar/users/shellgroups.sls
deleted file mode 100644
index d33ae45..0000000
--- a/pillar/users/shellgroups.sls
+++ /dev/null
@@ -1,35 +0,0 @@
-# -------------------------------------------------------------
-# Salt — Service groups list
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# Created: 2017-01-24
-# License: Trivial work, not eligible to copyright
-# -------------------------------------------------------------
-
-# -------------------------------------------------------------
-# Nasqueron
-# -------------------------------------------------------------
-
-shellgroups:
- ops:
- gid: 3001
- description: Nasqueron Operations
- members:
- - dereckson
- - sandlayth
- chaton-dev:
- gid: 827
- description: Bonjour chaton
- members:
- - hlp
- deployment:
- gid: 828
- description: Build softwares to be installed on the servers
- members:
- - dereckson
- nasqueron-irc:
- gid: 829
- description: Manages IRC bots used for Nasqueron projects
- members:
- - dereckson
- - sandlayth
diff --git a/pillar/users/shellusers.sls b/pillar/users/shellusers.sls
deleted file mode 100644
index c51f83c..0000000
--- a/pillar/users/shellusers.sls
+++ /dev/null
@@ -1,88 +0,0 @@
-# -------------------------------------------------------------
-# Salt — Users accounts list
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# Created: 2016-04-08
-# License: Trivial work, not eligible to copyright
-# -------------------------------------------------------------
-
-# -------------------------------------------------------------
-# Users accounts
-# -------------------------------------------------------------
-
-shellusers:
- tomjerr:
- fullname: Tommy Aditya
- uid: 2001
- erol:
- fullname: Erol Unutmaz
- uid: 2002
- rashk0:
- fullname: Rashk0
- uid: 2003
- kazuya:
- fullname: Kazuya
- uid: 2004
- amj:
- fullname: Amaury J.
- shell: zsh
- uid: 2005
- dereckson:
- fullname: Sebastien Santoro
- shell: zsh
- uid: 5001
- sandlayth:
- fullname: Yassine Hadj Messaoud
- uid: 5002
- shark:
- fullname: Shark
- uid: 2006
- rix:
- fullname: Rix
- uid: 2007
- kumkum:
- fullname: Kumkum
- uid: 2008
- chan:
- fullname: Chanel
- uid: 2009
- ringa:
- fullname: Ringa
- uid: 2010
- xray:
- fullname: xray
- uid: 2011
- c2c:
- fullname: c2c
- shell: fish
- uid: 2012
- rama:
- fullname: Rama
- uid: 2013
- thrx:
- fullname: ThrX
- uid: 2014
- xcombelle:
- fullname: xcombelle
- uid: 2017
- hlp:
- fullname: hlp
- uid: 2018
- axe:
- fullname: axe
- uid: 2019
- harshcrop:
- fullname: Harsh Shah
- uid: 2020
- ariel:
- fullname: ariel
- uid: 2021
- pkuz:
- fullname: PK of UZ
- uid: 2022
- khmerboy:
- fullname: khmerboy
- uid: 2023
- akoe:
- fullname: akoe
- uid: 2024
diff --git a/roles/shellserver/users/files/ssh_keys/rama b/roles/core/users/files/authorized_keys
similarity index 81%
rename from roles/shellserver/users/files/ssh_keys/rama
rename to roles/core/users/files/authorized_keys
index ed83997..e8f7e53 100644
--- a/roles/shellserver/users/files/ssh_keys/rama
+++ b/roles/core/users/files/authorized_keys
@@ -1,22 +1,21 @@
# -------------------------------------------------------------
# OpenSSH authorized_keys
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/rama
+# Source file: pillar/core/users.sls
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
#
# To add a new key or revoke a key, submit a Git commit:
# https://agora.nasqueron.org/How_to_contribute_code
#
# You can also ask Nasqueron operations to do that for you:
# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIADXRCZ9fFZJAJLOF0PakwhuU9b5Ne4PPr7ESwJzYndn
+{% for key in keys %}
+{{ key }}{% endfor %}
diff --git a/roles/shellserver/users/init.sls b/roles/core/users/init.sls
similarity index 59%
rename from roles/shellserver/users/init.sls
rename to roles/core/users/init.sls
index afeb13b..0bcfde0 100644
--- a/roles/shellserver/users/init.sls
+++ b/roles/core/users/init.sls
@@ -1,77 +1,79 @@
# -------------------------------------------------------------
# Salt — Provision users accounts
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# Created: 2016-04-08
+# Project: Nasqueron
+# Created: 2017-11-09
# Description: Adds and revokes user accounts, in the relevant
# groups and with their stable SSH keys.
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
# -------------------------------------------------------------
# Table of contents
# -------------------------------------------------------------
#
# :: Disabled accounts
#  :: Active accounts
#  :: Groups
-# :: Managed SSH keys
+# :: SSH keys
#
# -------------------------------------------------------------
{% from "map.jinja" import shells with context %}
# -------------------------------------------------------------
# Disabled accounts
# -------------------------------------------------------------
-{% for user in pillar.get('revokedusers') %}
-{{user}}:
+{% for username in pillar.get('revokedusers') %}
+{{ username }}:
user.absent
{% endfor %}
# -------------------------------------------------------------
# Active accounts
# -------------------------------------------------------------
-{% for user, args in pillar.get('shellusers', {}).iteritems() %}
-{{user}}:
+{% for username, user in salt['forest.get_users']().iteritems() %}
+{{ username }}:
user.present:
- - fullname: {{ args['fullname'] }}
- - shell: {{ shells[args['shell']|default('bash')] }}
- - uid: {{ args['uid'] }}
+ - fullname: {{ user['fullname'] }}
+ - shell: {{ shells[user['shell']|default('bash')] }}
+ - uid: {{ user['uid'] }}
{% endfor %}
# -------------------------------------------------------------
# Groups
# -------------------------------------------------------------
-shell:
+{% for groupname, group in salt['forest.get_groups']().iteritems() %}
+group_{{ groupname }}:
group.present:
- - system: True
- - gid: 200
- - members:
-{% for user, args in pillar.get('shellusers', {}).iteritems() %}
- - {{user}}
+ - name: {{ groupname }}
+ - gid: {{ group['gid'] }}
+ - members: {{ group['members'] }}
{% endfor %}
-{% for group, args in pillar.get('shellgroups', {}).iteritems() %}
-group_{{group}}:
- group.present:
- - name: {{group}}
- - system: False
- - gid: {{ args['gid'] }}
- - members: {{ args['members'] }}
-{% endfor %}
-
# -------------------------------------------------------------
-# Managed SSH keys
+# SSH keys
# -------------------------------------------------------------
-{% for user, args in pillar.get('shellusers', {}).iteritems() %}
-sshkey_{{user}}:
- ssh_auth.present:
- - user: {{user}}
- - source: salt://roles/shellserver/users/files/ssh_keys/{{user}}
-{% endfor %}
+{% for username, user in salt['forest.get_users']().iteritems() %}
+/home/{{ username }}/.ssh:
+ file.directory:
+ - user: {{ username }}
+ - group: {{ username }}
+ - dir_mode: 700
+
+/home/{{ username}}/.ssh/authorized_keys:
+ file.managed:
+ - source: salt://roles/core/users/files/authorized_keys
+ - user: {{ username }}
+ - group: {{ username }}
+ - mode: 600
+ - template: jinja
+ - context:
+ keys: {{ user['ssh_keys']|default([]) }}
+
+{% endfor %}
diff --git a/roles/saltmaster/account/init.sls b/roles/saltmaster/account/init.sls
index 81cc2a6..4521b92 100644
--- a/roles/saltmaster/account/init.sls
+++ b/roles/saltmaster/account/init.sls
@@ -1,66 +1,61 @@
# -------------------------------------------------------------
# Salt — Salt master configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-04-28
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% from "map.jinja" import dirs with context %}
# -------------------------------------------------------------
# Accounts
# -------------------------------------------------------------
# Salt account
salt_account:
group.present:
- name: salt
- gid: 9001
- - system: True
user.present:
- name: salt
- fullname: SaltStack master account
- uid: 9001
- gid: 9001
- home: /var/run/salt
salt_account_ownership:
cmd.run:
- name: chown -R salt {{ dirs.etc }}/salt /var/cache/salt /var/log/salt /var/run/salt
- onchanges:
- user: salt_account
# Deployment account
deploy_account:
- group.present:
- - name: deploy
- - gid: 9002
- - system: True
user.present:
- name: deploy
- fullname: Deployment and management of the Salt staging area
- uid: 9002
- - gid: 9002
+ - gid: 3003
- home: /var/run/deploy
# Allow to repair ownership if the account is created after the staging
deploy_account_ownership:
cmd.run:
- name: chown -R salt /opt/salt/staging /opt/salt/private/staging
- onchanges:
- user: deploy_account
# -------------------------------------------------------------
# Sudo capabilities
#
# Ops should be able to sudo -u salt …
# Deployers should be able to sudo -u deploy <anything>
# -------------------------------------------------------------
{% for sudofile in ['salt', 'deploy'] %}
saltmaster_sudo_capabilities_{{ sudofile }}:
file.managed:
- name: {{ dirs.etc }}/sudoers.d/{{ sudofile }}
- source: salt://roles/saltmaster/account/files/{{ sudofile }}
{% endfor %}
diff --git a/roles/shellserver/users/files/ssh_keys/akoe b/roles/shellserver/users/files/ssh_keys/akoe
deleted file mode 100644
index f19a68b..0000000
--- a/roles/shellserver/users/files/ssh_keys/akoe
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/akoe
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyffI4KDYcnVYJKLIUcVhi0gtjaGPHFs7lJMyYn2RSEmRBoMyz7leZ+vbxC1I0BxiAs20JAAVKDFs+XsWSlKjVSXO++giTZCC2mnaQRR31cRiBXLqm7SZylAGMZiVeWgy9iOZTHQg0oOmE7z5P9hBIpLgScn9qmFKOI9iQwOrYa1u5G9H7qopdW5HdlZ9RDTzHDXQr6byc9Hk7NmycVhnry7WLKvVsSFCsJ2AjBXxB3Ck6CUhF/si8tCAA6EgRs8c+vh8hevUjprDc1rD++THhY/c5esFh5KxyLRr3dCq8QZ7zaJBWkgxXevPKmSlL/zEpyhtTG2CMUeRwURUmByp5 akoe
diff --git a/roles/shellserver/users/files/ssh_keys/amj b/roles/shellserver/users/files/ssh_keys/amj
deleted file mode 100644
index cb3a371..0000000
--- a/roles/shellserver/users/files/ssh_keys/amj
+++ /dev/null
@@ -1,25 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/amj
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHRDb+9juQM0Dr/lUKwVF0iYid6iZbO8ZFqshxklaIpnzOgKqpkjEE7JhgegDZW+zH+WqlvKXC0ce6KkHAbmCsnu3wdXVkKS2IAfLCa6rQYMXFc8GYU929UMj4LilVCgDi2sXEOSTI6uh2yc8WkVGEOguMt9E7f5za44q+kJGnLJRK/1gu/1eDbCOe/dFfZg7o4hBlMrFcCbb2r+iUevOj92K7jJcYm8x3wmt4FTJbh5/6LJ3lgstLWYmY2jzbxKeJ1ONGg9e1tDNqkKMHcsvMeEyMTdGykYYhEI7tGMoEoxJQIWILpO0h7o8dnxvm6jC7lfBYbZtZttBPBkEsac+RUCX2Zejib0GioOnOXCKSqdk383ZXbyXIHogCn8ya2R/399Fw/40QVTFTvX8A1alSXQUJShA2RgWucPkSaufUKu3uSjGN4pUdtAkuSdcs/78mbQZkGOs29YdVSZIR5TbTld2uPiID6VLu1oLZtoEPvCrr7G5fDv02P7DR7YPKcouMyJwHswWwIQ/WKPawdDNdGEw0Cr8It0dRpI7nNZh79hdlJsqSNa1ezND4qfbm89SlmwpkypaualzvUnxfffW4hpAJp4Y1M7CNkNWLO3mdM1z/5y7vZgIzKURAClCE6h/pJASnZjA/BBxoXg5fgDf+nEGx652GaKIEtyF3PdIoFQ== am@gentam
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCTQ7Tt/wm+eDc6bTbWX2HHQbdMJVS40mlEfit6usDGKb9PUDtV2pn1KumnsevFge3OArnCLDqp0pmIuMy8loMjyyFeMMsrMNvE4i1Zl/xXcss3siwlqzMDozGBpxC3jMielUnm64BMCtnURfFZsIZfnpZoG6jsfLKWUSKJro9SNrxQptnSH5xkvEOF7gZS8HTkEvjE1sgfIEabZrYIIo5nLrz9yxmuiHIOqx1uyhJGw1dr4pJSGAMcYGGOpfy8uOy80+46MUW8ZtpSTspaTiHnUgs7gSPyCThrgdiNjiAj+mAeUKYytQDt5MQxp0FbUvv34bCJ9Q8G7hXVqBaXO7N/wyyiJ2WL8BbfZhoKM0vmn/oaYmomdlWF08YmkJyeqvf0N9/s6gyzjdj7Aqihi/02YiOqdL5m5WZAREiqIGo/HtlpCoShiqtNn545mD+KwanMdJbJp8ALn7yjJJEKpXVCcUaZOPR7kTF4fZ0eUTuVH3SeyCf3z3OpZ55MeGOkjKfVRkHS6FJ9Uhkjxi0K/2apROB/XCtS0Bv3AjOxt7f7HvabmYzx3J/43JLFKK5BkmqTBGUTowKU/40kxbWug1MAnSzbmDEucZ/eu34SE4R2oXarLrflH9kAIZ6+cftMpAAOKd5VVHeVJKnl4MTSU4C67iwsVpVoJ+mQOPHsf5Ekuw== am@debian-am
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0zIEBYPoa9jQLE1+vRv3oMCwn5VM1EpwCb/K5Utqb1+VOpamWEFy3tkJrkppKFxjst+rDl5ztPLKal6LMURuOQhcGmVux+hJM/ucVtzvx/LHJsBmFsZGRJ2Y2cUXwDzedWqvJybzDhLWcuxPSdvIIiv7bTCLLSIatwsGEnDJ1ffSRgkcrXAd8Pu6/ghPAQwkpIv+POB6kvu5mDHcV5xqliMvI3C4pznheFX603WZ4qA2n0sokQ+2bHSDQHZqziGw4vwQc692JauVEHUDoznTGgMlzuiC2f7Aw1q2V9WFPvOifSr+uhTU8DCDlnssSZ/3m7dnh0soFVodju3s2Wpr32fWocyNqay6FDRYQLuFPziGqlQ6wMJE6nDXr+dYTwZm6ktMGp12/Go3KROCr06Q23JSrT5uaQ+UImoU1Y6veejpU34uo1kMQnoV16OsYARa0Aza5S9S8I3evIOGxPGNAsTb+mlylRwqUm7QSpQGpn3ov7fefG4EvH6ytQlZDAou9GyaeVFfhToqQ8cSqyDU4MOLTfILXTB2tjIRnIjs9U0B6Vczv/sZ9rp/614A5mzXapsfhDyx4FieDtVkr/gFNhI1s3f8y5VJcvL7NX2ggeaqq+kfHkIxAwUUjaVCLB+E3LgUeTG5bzz/ErZbRuDqTKpHUaHKinTNoObR9xpz7+w== amj@dwabyam
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCCKtSulhB9uva1RYOtwcLMcO+1V5oGti50OXntqG0OZfEauz/oLTQpt+nkKYNUN6MazL+9ienYQ8ZZPgZbOs9WGh0acxBcPM5Dw5b0ZWEJ8h9Dk2M7P144aeRS/HuHVvc/JyI3+gYHgqWGe5ycEzlrFeegX7/Zr76eaFDQPGMnsJCFZVga24TiSPiEBTuyszq0/emsLJe41zFY4J6Y2kbaWuJYbiAvA0mZAD+g6+ltEa6vdUOF1BI2kTPFeKXc2dCnbaJAz00I437zUGdaU4533iyLHygxLPjAsjxO8q4f163VR7Rd2jibvRUW2EXgVoY1mJjkNwi2XLQCCwgG/6G8IuQaMjPAx0v7bf+vAJ3x+esJtVFNa55sgU7uHWPaRAwtovspCFBpTRIsp6J5f+1WLqWQVBVBZHdR+5PC2H5Zwb5Hq33Jn8ksQoPMCWcbIbjgF78a/B4LgtsJpA2x8cGJi6p1DEKT5bC6ROGMxqPwA8pFgI3+0X5ukZvTMDH7BjiXkbdyCaFfwo7UofRrPHIUyPAYh/XD7rUddc/6rjVBzmkXTeyYvevOOlmTxM5BDJZI/w6Gc2/XQchCDoWT9ttw7VWX19fHaHtx8KE/I8JaSS5hW77Kl3PzWJxewOAcJMh9HNza3jBgqZFTHktPCPUBZbsjD27YWJcYPrhzpQErQ== amj@thinbiam
diff --git a/roles/shellserver/users/files/ssh_keys/ariel b/roles/shellserver/users/files/ssh_keys/ariel
deleted file mode 100644
index c83bb03..0000000
--- a/roles/shellserver/users/files/ssh_keys/ariel
+++ /dev/null
@@ -1,21 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/ariel
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwaTYlLZ90/oQ5tDYDkhI2mHa1L6Vh+zcekCt8D08N7/CrFI5sUVteTwMWw2ytQlWnyT3HVgHb4IS1EPjpjyuqseRcNW0HYsqBk3E36PCBQIqjLZ0nDAeHQtm6T6pXiKC5qUppghwrvDxVYFpF3lFzAzfYMrF7iugk0xRPTHZWm8df7dqIB/6FfbxSD95yQVAlJefxoFWbo3Yn+exEZQvWv6lQYXnjV5DSwMf8tPGDkc2DRjrnR52ZrXPRZFCqc9JGkA/l8QsYtjmqJdnOgq5raOb56aRulJYdP2j//B4lRJJlglMuj8dSZE/j04zub+P2QhfdqeEHmeaTUqbwcnZZw==
diff --git a/roles/shellserver/users/files/ssh_keys/axe b/roles/shellserver/users/files/ssh_keys/axe
deleted file mode 100644
index 2f47e6a..0000000
--- a/roles/shellserver/users/files/ssh_keys/axe
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/axe
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjrcYXZ2/bfTdxVI1ZMXknB7WJa8uY1RLZ5Vrs2LPRTzBqaXzpY6/Iw5Ibiy8KMbVo/vQtAWrGY00ucHE+swS2VEtWIZc72kSznkL65bKtqHbZa+IqktRUBsg6ay/3Xups0DBfZ1T+SRSiLh0rya1dXd2NyIrvSo5eCxEPqAPm87rOrgC95GRxqlJUZ5ZOjV92K9v6TcTQWn61nGl2DQviAugNGtHGXhq0Xk98lWkLeGhDLedJOqFmHvqGrkSQpEps7ivlh3Mstv49pXqH1dIA7UhnyX5DTR6YjhIKehZnCfsl8wt6FMCs5QMor1giY4ZpUhY2D4ezvzFD2kqbOUvQQ== 2017-06-14
diff --git a/roles/shellserver/users/files/ssh_keys/c2c b/roles/shellserver/users/files/ssh_keys/c2c
deleted file mode 100644
index ab41c9a..0000000
--- a/roles/shellserver/users/files/ssh_keys/c2c
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/c2c
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyoC7ekLYc7nsd1QsgfdEatYw1FC7z92miIdXvx0n8O c2c@ender
diff --git a/roles/shellserver/users/files/ssh_keys/chan b/roles/shellserver/users/files/ssh_keys/chan
deleted file mode 100644
index 07f3bc4..0000000
--- a/roles/shellserver/users/files/ssh_keys/chan
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/chan
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvDcmKHfTrCBRpjJxYyIELMRknrMpDXfcKDhfXqmB09 chan@Calculon
diff --git a/roles/shellserver/users/files/ssh_keys/dereckson b/roles/shellserver/users/files/ssh_keys/dereckson
deleted file mode 100644
index 21e77f2..0000000
--- a/roles/shellserver/users/files/ssh_keys/dereckson
+++ /dev/null
@@ -1,25 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/dereckson
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBzD5VzetMFTUHLWrLyBsnZ6bdwDa4Ip9WWAh5nLxKyR dereckson@ysul.nasqueron.org
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIURiX8gBIv91sxutRQeESip7Ympmqe6miepoNDvXpZ9 dereckson@orin.dereckson.drake
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFGIYBdz8pW4vaSyA/QPlcU81uLI8SHoq7I+K6FPO9oh dereckson@graywell.dereckson.drake
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGV4p25jLQQHLgKH1SawoNLKuxkfyHuERRDUN9QZ7i5m dereckson@yakin.dereckson.drake
diff --git a/roles/shellserver/users/files/ssh_keys/erol b/roles/shellserver/users/files/ssh_keys/erol
deleted file mode 100644
index 7f41a46..0000000
--- a/roles/shellserver/users/files/ssh_keys/erol
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/erol
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDdHrSRJGwaGFTpoZIvkoWTMpnXgke77emVicMT8b37kcUepeD91pA3UPQ7UOEQl/Af3Ly7ePneymZ6NjAkM06oPeIjxE6Nz+i6p7rVIZhCb9qz+hdKgt4wSEQLWponegFNdCUs6HvMjDGlsI0kajHgIakXiKAwNyxhQzpBoGranO9c2PdAq2HGq7Kcq8ApC1kdKG0W3dT4PWborzmt1jWna2yosEn+TTHj5wi2p/E9BsCbmfokBO3xn491lr1P4shh4zg7Mv3SPD3j4/mZb9EMwD8cl4y9ZIoMEbL8p4s8J7Joqs3gK9hmMN5ZCNUFrNrJu3TCRZre2k7cV3+U3IXT erol@fedai
diff --git a/roles/shellserver/users/files/ssh_keys/harshcrop b/roles/shellserver/users/files/ssh_keys/harshcrop
deleted file mode 100644
index af18829..0000000
--- a/roles/shellserver/users/files/ssh_keys/harshcrop
+++ /dev/null
@@ -1,21 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/harshcrop
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1ANaxVViiL8s2KTdb+p4FWBBZjXz3zH9/es0SSLuXzCjcs1opEeMeb4roQWWgxrZ3j0aOJAj0smSP1THtrwW1xUE5DidmueuqokgbQuvkrsvcDaJYbNjUr/3fAw7/JcWgh4lSSxCLgflpjBr5aTlMQZj/KPrGnlzjr/hPvb8cAomS2HD+hLuC2z26cvOhY811scTZWMoBrxSkmrXOTkutRdZm+TrYJyZy7xQ9ncfsARYzrOZ4be+0mfb6i4tJfMbBvadSu/gyJdOLCfV5SxdjpMLPqIXO9hWkRKYH8SFX5ZWVw8C06iJWcnFCIw1YMTFYe1MNqV8YICiYUmJ2CWaL harshcrop@Harshs-MacBook-Pro.local
diff --git a/roles/shellserver/users/files/ssh_keys/hlp b/roles/shellserver/users/files/ssh_keys/hlp
deleted file mode 100644
index 5827414..0000000
--- a/roles/shellserver/users/files/ssh_keys/hlp
+++ /dev/null
@@ -1,23 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/hlp
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIP+04Jhq2toJ+RLx41NKrtDGgmSCfOsAY/BnJ6EzNXC hlp@sonny
-
diff --git a/roles/shellserver/users/files/ssh_keys/kazuya b/roles/shellserver/users/files/ssh_keys/kazuya
deleted file mode 100644
index 23b346c..0000000
--- a/roles/shellserver/users/files/ssh_keys/kazuya
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/kazuya
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCtCcRQ6HVKD5mj602UJkpI/TMGVt1R0yYx1HxP6SWJb6FM2E4wzkxtf0sp2cxW/9Lz/0OsQV8fSSo/qfUhQXfRcL+rxsM+iixD0WMffMC8CrqsYS+VV32HR2sIm8J7yyMweJrfYneErdFisGmMgOFw8vBGX01XfdwGqbSflf3Tal7L3R0g65rclGsg7JckWE6RQMXnvGwXQxv4QahaNtZK74AlyeFgsXYlv14UeaGE4Pz+rkgZKoC4tvAOBQMNxWtCPMcydJOacoCZO7Jcxv0jMUo0y26mulQ6vbz5hqAPS612c47gh8VNDDkQaznQMeiSyIlnvDEkHmzvC8Z3UAeJ eglide
diff --git a/roles/shellserver/users/files/ssh_keys/khmerboy b/roles/shellserver/users/files/ssh_keys/khmerboy
deleted file mode 100644
index 0877e5d..0000000
--- a/roles/shellserver/users/files/ssh_keys/khmerboy
+++ /dev/null
@@ -1,21 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/khmerboy
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAxg4+y6QxyyeHvmcWHy5Q9pjh8YBNC+Q1w3+QHWH/7WKw9odKHgtpu2hixfOeZl5k/E9+XPw2oGmQzs3pInz/yyegGB57kb3xAftqJkHVuBKsrz+7q3fPjnoqk3VZ62k5II3oqEEjizdVhEVacU+149m3LJWo+FKoRAKxlX39KwEM+UMDfynck7OJvKRWTTP/cbPzR7kaMifQLWZF6stFilRnYBAesK2DzLgO37DovwxmQO1CbBuitgsHwLDXGW0gePyC39REIrntZSte1xdlEfC27rQnXcH3YPcTm9bwNBXnK1Jiwfp3fJ6q6FIz9IaybhO6CGNOOODHN4R4DTbbfQ== rsa-key-20170922
diff --git a/roles/shellserver/users/files/ssh_keys/kumkum b/roles/shellserver/users/files/ssh_keys/kumkum
deleted file mode 100644
index 8b88a74..0000000
--- a/roles/shellserver/users/files/ssh_keys/kumkum
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/kumkum
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnCIiESqqsGOhaS16jwboLplQIP0FwKMhk0oRF7EP55 kumkum@kumkum-E200HA
diff --git a/roles/shellserver/users/files/ssh_keys/pkuz b/roles/shellserver/users/files/ssh_keys/pkuz
deleted file mode 100644
index 2a83dfe..0000000
--- a/roles/shellserver/users/files/ssh_keys/pkuz
+++ /dev/null
@@ -1,21 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/pkuz
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHIngmKZJUTBgps2LpfrjFwMtW8U5Zd0olKnmG0YZbApN9UHmiVKw6ow0U+KxI6kYGrNi6acKRnZHrnip8io8swW8PnLsgFKoCO2Ywrz/uDFaNJIVdTiNNB1Msm4dd2SiRwtn09SUVwSKBIFQFEoPG7q7v1OgvhIAk13/qbrOV+u6ZgoY8ssYH7qlRElAc4cptjtTen63f87wHFUN65T70ce6nFxOsZfTrB5Y+O7DTO25y7RV6q7CXq+i1uxJutDWDOLhb+dAqQHb5JEqBTF+CElyZtJtK+GxiXfMTWTyNBlv/4up/fRDMRxZ1F69Wowjn3MSnvsFgqxhwxW6Fksr7
diff --git a/roles/shellserver/users/files/ssh_keys/rashk0 b/roles/shellserver/users/files/ssh_keys/rashk0
deleted file mode 100644
index 611a1d1..0000000
--- a/roles/shellserver/users/files/ssh_keys/rashk0
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/rashk0
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJJKU6dVl19vQFPMUWS2iGRzBV1uD9YEaMijBkY2oPYjwhFXc1fouGGr17kkSK9D0c4pr9A6jk/gH9GWE5SpwaZY94VK5QfdvHpyA1hLevdUc4mwuIbsMp893kr0e9Miys1/v+UdFhUq0n3rWiER3oo9rJjx3qloBqSfD18y3sCFTyM1AheVMp7E71kgViG7wWtHrkmnrBo3V5ENc2snTCQy7lF7eQ5a6D45a5n2KYV94YrMvGDbfYUnw8IJHNN6XB1KBK6mksbm2p6fc3ow0UJDOK3bfJNUkp9tfRJV/EeYxGPYJRE60Ng2Dqc3zZaH7FDgbBLoK0UwGURQozNSQT campari@Beta
diff --git a/roles/shellserver/users/files/ssh_keys/ringa b/roles/shellserver/users/files/ssh_keys/ringa
deleted file mode 100644
index 0c1565b..0000000
--- a/roles/shellserver/users/files/ssh_keys/ringa
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/ringa
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiTobf2i/IveVlpdntX9M6p9rOe60HuODq5FslTIFxA/RwKQbJKafCQZ3ci+Pt9BKAKtBGSJANNfbxxN7VRB+iO6UZUh2Qjb012CfigC5g1r9MEryqh8LBP27NqTkCqjMZrwUa6pYMBG1/ydbOA0BIr3C72QfpXC/qCSvXNgQzL7DGSR7cgjhGvMDn5ewJuxsvXAcajMLEORxeYooONG9ELGRUMFI4WcX6gmiYcrMVsMF+7ByshIngV5v9esWadi+RdTWUVOYt2yVS7hkYHZwUX/bN1AOfkRiuD1w3DFFiHhSoquCwaOOZjKxAw6VOrV6O/toLGe0kXXfRFzeB29/1w== rsa-key-20170111
diff --git a/roles/shellserver/users/files/ssh_keys/rix b/roles/shellserver/users/files/ssh_keys/rix
deleted file mode 100644
index ffc9c54..0000000
--- a/roles/shellserver/users/files/ssh_keys/rix
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/rix
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjFnOi4rwBVdw69U9y1xgWXrfNNgxEXAmbXthzHae07COwN190xoWv8VeogKxfMdxE2Tj4E0BDFt2i7Jbk9BploFdNXG46lrnoszmgRsuRx5jERfvMyOPvCAQHbL0N53AL6zH9wXF/51a5bJJ3n4wkmO1nDj9WqrDNk0in+knICiPHQX4TxwRXqBuf61gQMxwy8Aoy1WCCfCeAesZxjdFM47C6X3PPHVaXvF6x6iX8OzIHqoVT18yQAQxbET+PWMtlmNFJFx76+Sov4eQm/d2KeRg0aqw49gKLpigYnHfd2uitmSQixBNl5jyvDMoR92vZmZnScmqA9cXQikQ9HCW6Q== rsa-key-20170110
diff --git a/roles/shellserver/users/files/ssh_keys/sandlayth b/roles/shellserver/users/files/ssh_keys/sandlayth
deleted file mode 100644
index f617e8f..0000000
--- a/roles/shellserver/users/files/ssh_keys/sandlayth
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/sandlayth
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL4H4SF3NZ0/o5uTYhIUKUEzP7hlZ0mGqMxs6wt/dhQs kalix@arch-laptop
diff --git a/roles/shellserver/users/files/ssh_keys/shark b/roles/shellserver/users/files/ssh_keys/shark
deleted file mode 100644
index c24dc77..0000000
--- a/roles/shellserver/users/files/ssh_keys/shark
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/shark
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjKehL1PdhcpLNiGdWLuVCUpNawUhQoxon3nmhZm/B+oU2nwygqvx9YU3LFzTEDNXWtU0aH2UVgC5bkRyVdmVKjX878luoluYwhKJFrYoEd9zS+EPDNmNYSoKntDbZoB17iacVEUM4Kg3RAzwStw3L8OO9DlB9NdXUzS8/9wlSy43ddoRRy83FvnvhRNXWScUIQyBolxqyoVvXdLZ2t0PnCdU3Bz2Wkcg24XjwDOR0R0A3780b+VGcsjXtjYxK6xCpNo9l2DqLAfpw+BFusWy6au5U15vfHgR91Lbcd1xtfvJAElI97fR6DGf+HSrtYZe+9gMU1nofibdiNWSJ/Vn+Q== rsa-key-20161212
diff --git a/roles/shellserver/users/files/ssh_keys/thrx b/roles/shellserver/users/files/ssh_keys/thrx
deleted file mode 100644
index 4973be2..0000000
--- a/roles/shellserver/users/files/ssh_keys/thrx
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/thrx
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAqm65UgRA1ZJaGnam+PQiFmXKOKZHAUc5jN8zRQsAaFv5Kgxks857DPBX8eO7Wolh70C/UVXAqYgHS2yg74KKKzyjv2vd/de4vQuC4m24IRWkuGJ6xr+dgqNRMn3YklJ2W/SzMCLIFNWUlM3JnvIPElxrLVMSm9ZCACAvWGgy8uF+vBkJYsmfN5AokyzSZcAUqREBbnsC33erGz50it4Oxn4QpAGWtYBHz+kHz89rZBMbMRAoMyQ1EfnzH076jtufHuTdqibmQRB39GbY8bgJJk0tpntwTvx4pHAnMK6CUwbjtFU03LByYNiIzDjwHXqfwuQZl8WlQjx7oTVNHCJ9fw== rsa-key-20170221
diff --git a/roles/shellserver/users/files/ssh_keys/tomjerr b/roles/shellserver/users/files/ssh_keys/tomjerr
deleted file mode 100644
index 9310274..0000000
--- a/roles/shellserver/users/files/ssh_keys/tomjerr
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/tomjerr
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7WGzb6h6i8H81nkw0E2PvFwi1yqODeltyGwFQxEwL4+bc75LlbxtpIsxS+D4vkervfGjMwgAJSFOv6uimRhubmp1I2Pf85APTf/a9xXmNzAuNnhR8ur93I08cQ2kKlY19q3EX4H4qj2HizRZxgusG8dYyBWuKuq6P7vIn5zn55IzFJKxCekydAjQsDUTOaio5brLD3sY8IfnWtKWDgrszozUOEqZdquJDS6LBEHHDTpWK/Mzuwd6YkpfdG2GVLwuN6Rj43jNoxcvk2W7oJyJQQ7xSpNR3QIFzTAu9VL9AAv4qak4o2AYpmg8HXsgGR2ARvJ0mFzWw8qy/c/5plPgp tomjerr
diff --git a/roles/shellserver/users/files/ssh_keys/xcombelle b/roles/shellserver/users/files/ssh_keys/xcombelle
deleted file mode 100644
index 2aeff97..0000000
--- a/roles/shellserver/users/files/ssh_keys/xcombelle
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/xcombelle
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9KJQDTtuxGCOaeFtip+yel45zMNS4tvrYg0AzNhT22K8g3F8wiY1GKvYw6Czj8Zo+rqA5/Rt7BCQwNtZyI+Nh23Cvg5wZQ2A6dtzQI69HZVSi+FRA5o4/SG4wyp7AT6wuWn+7tTE/pH69D0keDmaNpLSzhkxKFQd2DuOD2BENobEIE9DzbRf2DeUJ15uCzX/mnEXykklYvQ5AontiwL7VNB1VpNebrfnecAaAua0RhuYp+XwxBaSM4KB4lIA6hTBYEOG6J3TaC3GofMtAANI/n8gcCQkadkqtQHrap2Wh9X6bzekwROVGui1TW6sM7+hS4P7PM80nK05iVnGzIfYR xavier.combelle@gmail.com
diff --git a/roles/shellserver/users/files/ssh_keys/xray b/roles/shellserver/users/files/ssh_keys/xray
deleted file mode 100644
index 331067c..0000000
--- a/roles/shellserver/users/files/ssh_keys/xray
+++ /dev/null
@@ -1,22 +0,0 @@
-# -------------------------------------------------------------
-# OpenSSH authorized_keys
-# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-# Project: Eglide
-# License: Trivial work, not eligible to copyright
-# Source file: roles/shellserver/users/files/ssh_keys/xray
-# -------------------------------------------------------------
-#
-# <auto-generated>
-# This file is managed by our rOPS SaltStack repository.
-#
-# Changes to this file may cause incorrect behavior
-# and will be lost if the state is redeployed.
-#
-# To add a new key or revoke a key, submit a Git commit:
-# https://agora.nasqueron.org/How_to_contribute_code
-#
-# You can also ask Nasqueron operations to do that for you:
-# https://devcentral.nasqueron.org/maniphest/task/edit/form/3/
-# </auto-generated>
-
-ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAzSj3sQYbrBBdceBRUAbuzCS9vZWycVV0OSZ0ofoWx/dOTIalhc3O+aett7J34GqwDgpcTEkEpa/MrlO/2TOGOFIsPlvbZW4fXXFADCbOWkRRNuYW5rv/Sg6ZliGtw4cj0dKEkn9+L/JAuGwKV5KJNTPcp5w8hZyQYczZ8KhcyNVv7mfzLnId03wPnuTTe+AmCTOitbVb3gxjdXDYeS46PkbV8m/23KpcdLigo3ClDwE/SIoA+YddaAbpWDMEwhnWyKmLGI6xkFcqSY1NT0eYnL2waZMEnfluxt+D0V0IT5NeOmQcTuVWPvjFdSKbKepPhdrFmzGNtytfZWoFOPiG+Q== rsa-key-20170119
diff --git a/scripts/byTasks/repo-maintenance/migrate-ssh-keys.py b/scripts/byTasks/repo-maintenance/migrate-ssh-keys.py
new file mode 100755
index 0000000..0cf65d5
--- /dev/null
+++ b/scripts/byTasks/repo-maintenance/migrate-ssh-keys.py
@@ -0,0 +1,114 @@
+#!/usr/bin/env python3
+
+# -------------------------------------------------------------
+# rOPS — migrate SSH keys from file to Salt state
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-11-09
+# Description: Read a dictionary, and for each key, find in
+# a specified folder a data file. Add data from
+# this file to the dictionary. Output in YAML.
+# License: BSD-2-Clause
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Table of contents
+# -------------------------------------------------------------
+#
+# :: Configuration
+# :: YAML style
+# :: Update code
+# :: Run task
+#
+# -------------------------------------------------------------
+
+
+import os
+import yaml
+
+
+# -------------------------------------------------------------
+# Configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+# Where is located the dictionary to update?
+state_file = 'pillar/core/users.sls'
+state_key = 'shellusers'
+
+# Where are located the data fileS?
+data_path = 'roles/shellserver/users/files/ssh_keys/'
+
+# What property should get the data and be added if missing in the dict?
+state_data_property = 'ssh_keys'
+
+
+# -------------------------------------------------------------
+# YAML style
+#
+# Allows to dump with indented lists
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+class SaltStyleDumper(yaml.Dumper):
+
+ def increase_indent(self, flow=False, indentless=False):
+ return super(SaltStyleDumper, self).increase_indent(flow, False)
+
+
+# -------------------------------------------------------------
+# Update code
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+def do_update():
+ state = read_state()
+ update_state(state)
+ print(dump_state(state))
+
+
+def read_state():
+ fd = open(state_file, "r")
+ states = yaml.load(fd.read())
+ fd.close()
+
+ return states[state_key]
+
+
+def update_state(state):
+ for key in state:
+ if state_data_property not in state[key]:
+ state[key][state_data_property] = read_data(key)
+
+
+def read_data(key):
+ path = data_path + key
+
+ if not os.path.exists(path):
+ return []
+
+ return [line.strip() for line in open(path, "r") if is_value_line(line)]
+
+
+def is_value_line(line):
+ if line.startswith("#"):
+ return False
+
+ if line.strip() == '':
+ return False
+
+ return True
+
+
+def dump_state(state):
+ return yaml.dump({state_key: state},
+ default_flow_style=False,
+ Dumper=SaltStyleDumper, width=1000)
+
+
+# -------------------------------------------------------------
+# Run task
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+do_update()
diff --git a/top.sls b/top.sls
index e661244..da00144 100644
--- a/top.sls
+++ b/top.sls
@@ -1,40 +1,40 @@
# -------------------------------------------------------------
# Salt configuration for Nasqueron servers
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2016-04-10
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
base:
'*':
- roles/core/rc
- roles/core/hostname
- roles/core/network
- roles/core/motd
- roles/core/rsyslog
- roles/core/salt
- roles/core/sshd
- roles/core/sysctl
+ - roles/core/users
'local':
- roles/saltmaster
'ysul':
- roles/paas-jails
- roles/dbserver-mysql
- roles/webserver-core
- roles/webserver-legacy
- roles/webserver-varnish
'dwellers':
- roles/paas-docker/docker
- roles/paas-lxc/lxc
- roles/mastodon
'eglide':
- roles/webserver-core
- - roles/shellserver/users
- roles/shellserver/userland-software
- roles/shellserver/eglide-website
- roles/shellserver/vhosts
- roles/shellserver/web-hosting
- roles/shellserver/database
- roles/shellserver/odderon
- roles/shellserver/bonjour-chaton

File Metadata

Mime Type
text/x-diff
Expires
Mon, Nov 25, 18:27 (11 h, 30 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2260704
Default Alt Text
(78 KB)

Event Timeline