Make sure webapps user on specs VM has ~/.authorized_keys

[renoirb]

Problem is that each user public keys are written in a different way in each user sls file (e.g. find ssh names in /srv/salt/users/robin.sls and /srv/salt/users/renoirb.sls.

In order to sync files using rsync we’ll have to feed SSH keys, and to achieve that it would be best to move user ssh keys in a pillar, and so we can then do some logic from there.

Tasks

• Create pillar schema to host all user public keys
• Move all users into pillars
• Edit states so that we can have the user state read keys from pillar
• Consider to allow storage of private keys, not a priority.

Time estimate

Dependency

• Parent: Redeploy specs.webplatform.org in new production environment #90

[renoirb]

As a temporary measure, the VM upstream-specs can get away with the following two commands.

cp /home/renoirb/.ssh/authorized_keys /srv/webapps/.ssh/
cat /home/robin/.ssh/authorized_keys >> /srv/webapps/.ssh/authorized_keys

Also, a a hacky state has been written in /srv/salt/specs/local.sls

Hack away issue ops-166:
  cmd.run:
    - name: |
        cp /home/renoirb/.ssh/authorized_keys /srv/webapps/.ssh/
        cat /home/robin/.ssh/authorized_keys >> /srv/webapps/.ssh/authorized_keys
        chown webapps:webapps /srv/webapps/.ssh/authorized_keys
        chmod 644 /srv/webapps/.ssh/authorized_keys
    - creates: /srv/webapps/.ssh/authorized_keys