mirror of
https://github.com/jerikan-network/cmdb.git
synced 2024-05-06 04:54:50 +00:00
Vincent Bernat
d191613ab8
No history. If you have the original history, you can use: ``` git replace THISCOMMIT b0b998bd1c651e308ac71a9158e07e5c3521a281 ```
43 lines
1.1 KiB
Django/Jinja
43 lines
1.1 KiB
Django/Jinja
system {
|
|
replace: root-authentication {
|
|
encrypted-password "{{ lookup('system', 'passwords').root }}"; ## SECRET-DATA
|
|
}
|
|
services {
|
|
replace: ssh {
|
|
authentication-order password;
|
|
root-login deny;
|
|
protocol-version v2;
|
|
connection-limit 10;
|
|
rate-limit 10;
|
|
}
|
|
replace: netconf {
|
|
ssh;
|
|
}
|
|
}
|
|
replace: login {
|
|
message "{{ lookup('system', 'motd') | replace('\\', '\\\\') | replace('"', '\\"') | replace('\n', '\\n') }}";
|
|
retry-options {
|
|
tries-before-disconnect 3;
|
|
backoff-threshold 3;
|
|
backoff-factor 5;
|
|
maximum-time 20;
|
|
}
|
|
class backup {
|
|
permissions [ secret view view-configuration ];
|
|
}
|
|
{% for user, value in lookup("system", "users").items() %}
|
|
user {{ user }} {
|
|
class {{ value.class | default("super-user") }};
|
|
authentication {
|
|
{% if value.ssh is defined %}
|
|
ssh-rsa "{{ value.ssh }} {{ user }}";
|
|
{% endif %}
|
|
{% if value["junos-password"] is defined %}
|
|
encrypted-password "{{ value["junos-password"] }}"; ## SECRET-DATA
|
|
{% endif %}
|
|
}
|
|
}
|
|
{% endfor %}
|
|
}
|
|
}
|