From 4a255176b41b9f7db4f859c64c7fcfd783a43916 Mon Sep 17 00:00:00 2001
From: Jan Philipp Timme <jan.philipp@timme.it>
Date: Tue, 24 Nov 2020 13:43:13 +0100
Subject: [PATCH] Attempt to only use managed blocks for ssh known_hosts and
 config files

---
 deploy/user.sls | 35 +++++++++++++++++++++++++++++------
 1 file changed, 29 insertions(+), 6 deletions(-)

diff --git a/deploy/user.sls b/deploy/user.sls
index 70d3880..85baa57 100644
--- a/deploy/user.sls
+++ b/deploy/user.sls
@@ -5,19 +5,42 @@ deployer:
   group.absent: []
 
 
-/root/.ssh/known_hosts:
+deploy_user_ssh_known_hosts_file_present:
   file.managed:
-    - source: salt://deploy/tpl/ssh/known_hosts
+    - name: /root/.ssh/known_hosts
+    - create: True
+    - makedirs: True
     - user: root
     - group: root
+    - mode: 600
+
+deploy_user_add_managed_host_keys_to_known_hosts:
+  file.blockreplace:
+    - name: /root/.ssh/known_hosts
+    - append_if_not_found: True
+    - show_changes: True
+    - source: salt://deploy/tpl/ssh/known_hosts
     - makedirs: True
+    - require:
+      - file: deploy_user_ssh_known_hosts_file_present
 
-/root/.ssh/config:
+deploy_users_ssh_config_file_present:
   file.managed:
-    - source: salt://deploy/tpl/ssh/config
+    - name: /root/.ssh/config
+    - create: True
+    - makedirs: True
     - user: root
     - group: root
-    - makedirs: True
+    - mode: 600
+
+deploy_users_add_managed_config_to_ssh_config_file:
+  file.blockreplace:
+    - name: /root/.ssh/config
+    - append_if_not_found: True
+    - show_changes: True
+    - source: salt://deploy/tpl/ssh/config
+    - require:
+      - file: deploy_users_ssh_config_file_present
 
 deploy_key:
   file.managed:
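Review bot: On minions where the previous `file.managed` state already wrote the full template, `append_if_not_found: True` in both `file.blockreplace` states adds the managed block below that existing content, so the earlier copy stays in the file and is no longer reconciled by Salt. For `/root/.ssh/known_hosts` this means a host key later rotated or removed in `salt://deploy/tpl/ssh/known_hosts` would remain trusted by root through the stale line outside the markers. For `/root/.ssh/config`, ssh uses the first value it obtains for each option, so unmanaged lines above the block take precedence, and a block appended after an unmanaged `Host` stanza may be scoped to that host, depending on what the template (not visible here) starts with. If the managed settings are meant to win, `- prepend_if_not_found: True` in place of the append option on the config state would put them first, and the rollout needs a one-time cleanup of the pre-existing entries in both files. Separately, `- makedirs: True` on the known_hosts blockreplace is, as far as I know, not an argument of `file.blockreplace` and is absent from the config blockreplace; dropping it keeps the two states consistent, since the required `file.managed` state already creates the directory.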
@@ -43,4 +66,4 @@ deploy_key:
     - shell: /bin/false
     - groups: {{ user_groups }}
 
-{% endfor %}
\ No newline at end of file
+{% endfor %}
-- 
GitLab