From 077f2ab15fb8bddec4f2370aa0763f47e89297fb Mon Sep 17 00:00:00 2001
From: Joe Groocock <me@frebib.net>
Date: Sun, 12 Jul 2020 09:50:30 +0100
Subject: [PATCH] Add users and ssh service

Signed-off-by: Joe Groocock <me@frebib.net>
---
 states/sshd/init.sls     | 14 ++++++++++++++
 states/top.sls           |  4 ++++
 states/users/init.sls    | 19 +++++++++++++++++++
 states/users/users.jinja | 17 +++++++++++++++++
 4 files changed, 54 insertions(+)
 create mode 100644 states/sshd/init.sls
 create mode 100644 states/top.sls
 create mode 100644 states/users/init.sls
 create mode 100644 states/users/users.jinja

diff --git a/states/sshd/init.sls b/states/sshd/init.sls
new file mode 100644
index 0000000..5c100c5
--- /dev/null
+++ b/states/sshd/init.sls
@@ -0,0 +1,14 @@
+include:
+- users
+
+openssh-client:
+  pkg.installed:
+  - version: latest
+
+sshd-service:
+  service.running:
+  - name: ssh
+  - enable: true
+  - require:
+    - sls: users
+    - pkg: openssh-client
diff --git a/states/top.sls b/states/top.sls
new file mode 100644
index 0000000..a5c0bee
--- /dev/null
+++ b/states/top.sls
@@ -0,0 +1,4 @@
+{{ saltenv }}:
+  '*':
+  - users
+  - sshd
diff --git a/states/users/init.sls b/states/users/init.sls
new file mode 100644
index 0000000..15e7230
--- /dev/null
+++ b/states/users/init.sls
@@ -0,0 +1,19 @@
+{%- import_yaml 'users/users.jinja' as users %}
+
+{%- if users is not mapping %}
+  {%- do raise('users/users.jinja is malformed') %}
+{%- endif %}
+
+{%- for name, user in users.items() %}
+{{ name|json }}:
+  user.present:
+  - usergroup: true
+  - createhome: true
+  - groups: {{ user.get('groups', [])|json }}
+  {%- if user.password is defined %}
+  - password: {{ user.password|json }}
+  {%- endif %}
+  {%- if user.shell is defined %}
+  - shell: {{ user.shell }}
+  {%- endif %}
+{%- endfor %}
diff --git a/states/users/users.jinja b/states/users/users.jinja
new file mode 100644
index 0000000..9eb025f
--- /dev/null
+++ b/states/users/users.jinja
@@ -0,0 +1,17 @@
+{%- set sudo_group = 'sudo' if grains.os|lower == 'debian' else 'wheel' %}
+
+frebib:
+  groups:
+  - {{ sudo_group }}
+  ssh-keys:
+  - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINk+sOUEXKsGqITyMhna9v77ADGagkr3YMpgZFkrvqcd frebib@frebib-PC
+  - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIGxhZPQM/3Ck+DNNM0CoIZTsvKqQLKq8fqQoO6fXzX frebib@frebib-OnePlus3
+
+adam:
+  groups:
+  - {{ sudo_group }}
+  ssh-keys:
+  - ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAiF/WxxMOOE/r8I/anF8gKarjNFmeoPuXNMYE0Hwo/NMqbJ9qKVONn+4fa5T99yhhAnYy92PBPxjmSsOqex28XZFh4I4GBGKh+Su1tJKLXsts1rbJmB1gSpKGbbjsiZcta4FqbiLKyUGL1wiV6GWucKdkC9lfTfocmH20tLbqSTryTAfy62oaEyEUSSATcwnl6ITF6BaQVGT8e78O4DpMYvYXFDa0nre0GlBigI0bAIHknmo+5JuL9i6RbnLr/zHMBiT3lnqQ8IO0JLNJD3ML/X/vgo3Htd6ovKe28YBi+LV+olpcFlQGSpNj+gE67UYb+Hw4mMTjzG4RhNHfQZCrNw== adampc
+  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYo04d3a7J22F0NlAM1MeqmZrbF7iaF9p9whLQmq/gYgZnFKtW7G/rQCUUG5X8yEn5LXkc9SYdRceyaleNDAe0/uEJIbbm+VPgkShV+pyA8AbP4+OF95JKgCS6/B59IStF8GrVnX9krjYLYVwS3FqwvYt/ZkYriX4hkaTkf3FslLU7eEwrDec3RuGXhTDTdLdFyq6wXsI/bITX2C0b8D5obNNkyPJFVV1zshy9mQ5/5wjHYLyZhUSRzcY6xDOlxWmTSHseYG1U5espgba7t6ZaL/n44IrXzFsuXRIA74rx3ESAtCEesM3TaPI/Q8dHOYsCdDquTyccP/nEkDCxxhl3 adam-laptop
+  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1V9+YmjPyOVdN4tj0MvyyZ4ZMZWkkTeQqEmRRNN0JcogunG97vo32UiZnt2gSPLZjutK5ql1SGTdgbaoSU4ci5vkKjhB8FpozupzvIy2qZ35v2K3eMsU43bLNY23R+ixDpXWkDgXQSVXTZdK3v/zNtDU3RE8vOqa9GFNl9DCGr+ppGfGxWOR6SMcuHu26dZf8pges3D23465kVzWJre3I7G3AGo49y0b9XCk1SkQPhPqQABcSv+k3Cp7hGdvSpj2kS29FRyHZZ5fksAX6N/Csz5Pc/4FyGY4S8Kd0SwdvxNVAGmWPIoB6cg+PBYnsSRYLUcSkWNpEkxK21u3kIS6F02NRs8kbPznr5S+S1E6PHmMRvCfmvegnh+QF+/W88kb9LBaicgDCo+A3vcLC5pfMPRFEXXNkKltlXDkO7/wGC93pUrP0X0sx9QuyqwAPacnZd0OX4uX7jJeMsbGSq+tXLGp1kGOET4J9GeoQrIK/NUxQkF6zDhWH6FcbescmIma4Ys3c1XZHs19DysVC7U/0wr8USzm2ljQ65Nyp0Hv18DdZZerQHkFx0LCJedrVaPC87xBHZORQlrvaF307dYaRLzCn6Jf9dYM2HgK/F0Y7hZv5KhU6J7upXivUJFN6/VMGCptA9DFLSje5Y7vXeWZkTEfghbm2Ylk2BtzuT7CLYw== adam-cpwc
+