]> Frank Brehm's Git Trees - salt/states.git/commitdiff
Adding Git deploy key files
authorFrank Brehm <frank@brehm-online.com>
Wed, 30 Mar 2016 21:48:04 +0000 (23:48 +0200)
committerFrank Brehm <frank@brehm-online.com>
Wed, 30 Mar 2016 21:48:04 +0000 (23:48 +0200)
utils/files/id-git-deploy.priv [new file with mode: 0644]
utils/files/id-git-deploy.pub [new file with mode: 0644]
utils/root.sls [new file with mode: 0644]

diff --git a/utils/files/id-git-deploy.priv b/utils/files/id-git-deploy.priv
new file mode 100644 (file)
index 0000000..ccfd0ef
--- /dev/null
@@ -0,0 +1,5 @@
+{%- set key_type = salt['pillar.get']('git:deploy:priv-key-type', 'RSA') -%}
+{%- set key_val = salt['pillar.get']('git:deploy:priv-key-val', 'bla').strip() -%}
+-----BEGIN {{ key_type }} PRIVATE KEY-----
+{{ key_val }}
+-----END {{ key_type }} PRIVATE KEY-----
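Review bot: The `'bla'` default on `git:deploy:priv-key-val` means a minion that does not receive this pillar still gets a file with valid-looking BEGIN/END armor around the word `bla`, and the state reports success; id-git-deploy.pub uses the same default for `pub-key-val`. A missing key should fail visibly, for example by using an empty default here and having root.sls render the two key states only when the pillar value is non-empty. The template would also benefit from a header comment such as `{#- git:deploy:priv-key-val holds only the base64 body of the key; the BEGIN/END lines are added here -#}`, since `.strip()` trims the ends but nothing checks that the value carries no armor of its own. The pillar top file is not part of this commit, so it is worth confirming that `git:deploy` is targeted only at the minions that need the private key.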
diff --git a/utils/files/id-git-deploy.pub b/utils/files/id-git-deploy.pub
new file mode 100644 (file)
index 0000000..fbc0c5a
--- /dev/null
@@ -0,0 +1,4 @@
+{%- set key_type = salt['pillar.get']('git:deploy:pub-key-type', 'ssh-rsa') -%}
+{%- set key_val = salt['pillar.get']('git:deploy:pub-key-val', 'bla').replace(' ', '').strip() -%}
+{%- set key_comment = salt['pillar.get']('git:deploy:pub-key-comment', 'Git deploy') -%}
+{{ key_type }} {{ key_val }} {{ key_comment }}
diff --git a/utils/root.sls b/utils/root.sls
new file mode 100644 (file)
index 0000000..afa8a0f
--- /dev/null
@@ -0,0 +1,34 @@
+{%- set key_type = salt['pillar.get']('git:deploy:pub-key-type', 'ssh-rsa').replace('ssh-', '') -%}
+
+root-ssh-dir:
+  file.directory:
+    - name: /root/.ssh
+    - user: root
+    - group: root
+    - dir_mode: 700
+
+root-git-deploy-key-priv:
+  file.managed:
+    - name: /root/.ssh/id_{{ key_type }}.git-deploy
+    - source: salt://utils/files/id-git-deploy.priv
+    - user: root
+    - group: root
+    - mode: 600
+    - backup: minion
+    - template: jinja
+    - backup: minion
+    - require:
+      - file: root-ssh-dir
+
+root-git-deploy-key-pub:
+  file.managed:
+    - name: /root/.ssh/id_{{ key_type }}.git-deploy.pub
+    - source: salt://utils/files/id-git-deploy.pub
+    - user: root
+    - group: root
+    - mode: 644
+    - backup: minion
+    - template: jinja
+    - backup: minion
+    - require:
+      - file: root-ssh-dir
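Review bot: In `root-git-deploy-key-priv`, `- backup: minion` (listed twice, as it is in `root-git-deploy-key-pub`) keeps the previous private key in the minion's file-backup cache whenever the key is rotated, so old keys outlive the rotation outside `/root/.ssh`. `file.managed` also returns a content diff when the file changes, which would put key material into the job return and anything that stores it; I would drop `backup` from the private-key state and add `- show_changes: False` (check that the Salt version in use supports that option). Separately, the file name is built from `pub-key-type` with `ssh-` stripped while the PEM header uses `priv-key-type`, so the two pillar values can disagree; a short comment at the `key_type` line saying which values are expected would help.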