redo users and ssh

users/files/authorized_keys.jinja

@@ -1,4 +0,0 @@
-# Managed by Saltstack
-{% for comment, key in salt.pillar.get('authorized_keys')[user].items() -%}
-{{ key }} {{ comment }}
-{% endfor -%}

users/files/ssh_hosts.jinja

@@ -1,15 +0,0 @@
-# Managed by Saltstack
-{%- for host, config in salt.pillar.get('ssh_hosts', {}).get(user, {}).items() %}
-Host {{ host }}
-{%-   for key, val in config.items() %}
-  {{ key }} {{ val }}
-{%-   endfor %}
-{%- endfor %}
-{%- if salt.pillar.get('restic:client:environ:RESTIC_REPOSITORY', '').startswith('sftp:') %}
-{% set user=salt.pillar.get('restic:client:environ:RESTIC_REPOSITORY').split(':')[1] %}
-Host {{ user }}
-  HostName kpi.keiran.us
-  User {{ user }}
-  Port 9022
-  IdentityFile /root/.ssh/id_rsa
-{%- endif %}

users/init.sls

@@ -1,29 +1,4 @@
 
-{% for user in salt.pillar.get('authorized_keys').keys() %}
-  {% set home = '' if user == 'root' else '/home' %}
-
-  {% if user != 'root' %}
-{{ home }}/{{ user }}/.ssh:
-  file.directory:
-    - user: {{ user }}
-    - group: {{ user }}
-    - mode: 700
-  {% endif %}
-
-{{ home }}/{{ user }}/.ssh/authorized_keys:
-  file.managed:
-    - template: jinja
-    - source: salt://users/files/authorized_keys.jinja
-    - user: {{ user }}
-    - group: {{ user }}
-    - mode: 400
-    - context:
-        user: {{ user }}
-    - require:
-      - file: {{ home }}/{{ user }}/.ssh
-
-{% endfor %}
-
 {% if salt.pillar.get('manage_root_bashrc', False) %}
 /root/.bashrc:
   file.managed:
@@ -36,46 +11,19 @@
       bashrc_user: root
 {% endif %}
 
-/root/.ssh:
-  file.directory:
-    - user: root
-    - group: root
-    - mode: 700
-
-{% if salt.pillar.get("ssh_hosts:root", None) is not none or salt.pillar.get('restic:client:environ:RESTIC_REPOSITORY', '').startswith('sftp:') %}
-/root/.ssh/config:
-  file.managed:
-    - source: 'salt://users/files/ssh_hosts.jinja'
-    - template: jinja
-    - user: root
-    - group: root
-    - mode: 400
-    - context:
-      user: root
-    - require:
-      - file: /root/.ssh
-{% endif %}
-
-{% for group in salt.pillar.get('sys_groups') %}
-{{ group }}:
-  group.present:
-    - system: True
-{% endfor %}
-
-{% for user, data in salt.pillar.get('users', {}).items() %}
+{% for user, config in salt.pillar.get('users', {}).items() %}
 
 {{ user }}_user:
   user.present:
     - name: {{ user }}
-    - shell: {{ data.get('shell', '/bin/bash')|yaml_encode }}
-{% if 'groups' in data %}
-    - groups:
-{%   for group in data['groups'] %}
-      - {{ group|yaml_encode }}
-{%   endfor %}
-{% endif %}
+    - shell: {{ config.get('shell', '/bin/bash') | yaml_encode }}
+  {% for key, val in config.items() %}
+    {% if key not in ('shell', 'manage_bashrc') %}
+    - {{ key }}: {{ val | tojson }}
+    {% endif %}
+  {% endfor %}
 
-{% if data.get('manage_bashrc', False) %}
+{% if config.get('manage_bashrc', False) %}
 /home/{{ user }}/.bashrc:
   file.managed:
     - source: 'salt://users/files/bashrc.jinja'
@@ -89,19 +37,5 @@
       - user: {{ user }}_user
 {% endif %}
 
-{% if salt.pillar.get('ssh_hosts', {}).get(user, None) is not none %}
-/home/{{ user }}/.ssh/config:
-  file.managed:
-    - source: 'salt://users/files/ssh_hosts.jinja'
-    - template: jinja
-    - user: {{ user }}
-    - group: {{ user }}
-    - mode: 0400
-    - context:
-      user: keiran
-    - require:
-      - file: /home/{{ user }}/.ssh
-{% endif %}
-
 {% endfor %}