########################
# code that creates users. #
########################
{%- for user in salt['pillar.get']('set_users') %}
{{user}}:
group:
- present
user.present:
- fullname: {{ salt['pillar.get']('set_users:set_fullname') }}
- shell: /bin/bash
- home: /home/{{user}}
- password: # Removed :)
- enforce_password: True
- groups:
- {{user}}
ssh_auth.present:
- user: {{user}}
- source: salt://.ssh_keys/{{user}}.authkey
- config: '%h/.ssh/authorized_keys'
{% endfor %}
########################
# Pillar file #
########################
set_users:
user1:
- set_fullname: I am user1
- set_admin: True
user2:
- set_fullname: I am user2
- set_admin: False
set_role:
- admin-only
# What I need now is someway to tell the user code that:
# if set_role is admin-only then it should only continue if set_admin is True.