51 lines
1 KiB
Text
51 lines
1 KiB
Text
|
sftp_only_group_present:
|
||
|
|
group.present:
|
||
|
|
- name: sftponly
|
||
|
|
|
||
|
|
www-data_group_present:
|
||
|
|
group.present:
|
||
|
|
- name: www-data
|
||
|
|
|
||
|
|
|
||
|
|
{% for page in salt['pillar.get']('static_pages', []) %}
|
||
|
|
{{ page.site }} user present:
|
||
|
|
user.present:
|
||
|
|
- name: {{ page.site }}
|
||
|
|
- home: /opt/static_pages/{{ page.site }}
|
||
|
|
- groups:
|
||
|
|
- sftponly
|
||
|
|
- www-data
|
||
|
|
- shell: /bin/false
|
||
|
|
|
||
|
|
set_homdirectory_perms_{{ page.site }}:
|
||
|
|
file.directory:
|
||
|
|
- name: /opt/static_pages/{{ page.site }}
|
||
|
|
- user: {{ page.site }}
|
||
|
|
- group: {{ page.site }}
|
||
|
|
- mode: 755
|
||
|
|
|
||
|
|
|
||
|
|
{{ page.site }} ssh public key present:
|
||
|
|
ssh_auth.present:
|
||
|
|
- user: {{ page.site }}
|
||
|
|
- config: '%h/.ssh/authorized_keys'
|
||
|
|
- names: {{ page.ssh_keys }}
|
||
|
|
|
||
|
|
{% endfor %}
|
||
|
|
|
||
|
|
sftp_only_config_present:
|
||
|
|
file.managed:
|
||
|
|
- name: /etc/ssh/sshd_config.d/sftp_only.conf
|
||
|
|
- source: salt://static_pages/sftp.config
|
||
|
|
- user: root
|
||
|
|
- group: root
|
||
|
|
- mode: 644
|
||
|
|
- template: jinja
|
||
|
|
|
||
|
|
project dir for static_pages:
|
||
|
|
file.directory:
|
||
|
|
- name: /opt/static_pages
|
||
|
|
- user: root
|
||
|
|
- group: root
|
||
|
|
- mode: 755
|