
ssh: Remove jinja generator for ssh_known_hosts. Will be done via cron job.

Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>
Maximilian Wilhelm 4 years ago
parent
commit
8163057bbb
1 changed files with 0 additions and 22 deletions
  1. 0 22
      ssh/init.sls

+ 0 - 22
ssh/init.sls

@@ -106,25 +106,3 @@ ssh-{{ user }}:
     - watch_in:
       - service: ssh
 {% endfor %}
-
-# Manage known-hosts
-{% set type = 'ed25519' %}
-{% for host_name, host_config in salt['pillar.get']('nodes').items() if host_config.get('ssh', {}).get('host', {}).get(type, False) %}
-  {% set hosts = [ host_name, host_name|replace('.in.ffho.net',''), salt['ffho_net.get_loopback_ip'](host_config, host_config.id, 'v4'), salt['ffho_net.get_loopback_ip'](host_config, host_config.id, 'v6') ] + host_config.ssh.host.get('aliases', []) %}
-  {% set host_external = host_name|replace('.in.','.') %}
-  {% for iface, iface_config in host_config.get('ifaces', {}).items() if iface_config.get('vrf', 'none') == 'vrf_external' and host_external not in hosts %}
-    {% do hosts.append(host_external) %}
-    {% for ip in iface_config.get('prefixes', []) if not ip.startswith('192.168.') %}
-      {% do hosts.append(ip.split('/')[0]) %}
-    {% endfor %}
-  {% endfor %}
-  {% for host in hosts %}
-{{ host }}-{{ type }}:
-  ssh_known_hosts.present:
-    - name: {{ host }}
-    - key: {{ host_config.ssh.host.get(type, {}).pubkey.split(' ')[1] }}
-    - enc: {{ type }}
-    - require:
-      - pkg: ssh
-  {% endfor %}
-{% endfor %}