{% set sudoers = pillar.get('sudoers', {}) %}
{% set defaults = sudoers.get('defaults', []) %}
{% set aliases = sudoers.get('aliases', {}) %}
{% set host_aliases = aliases.get('hosts', {}) %}
{% set user_aliases = aliases.get('users', {}) %}
{% set command_aliases = aliases.get('commands', {}) %}
{% set runas_aliases = aliases.get('runas', {}) %}
{% set users = sudoers.get('users', {}) %}
{% set groups = sudoers.get('groups', {}) %}
{% set includedir = sudoers.get('includedir', None) %}
#
# This file is managed by salt
#

{% for default in defaults -%}
Defaults {{ default }}
{% endfor %}

# Host alias specification
{%- for name,hosts in host_aliases.items() %}
Host_Alias {{ name }} = {{ ",".join(hosts) }}
{%- endfor %}

# User alias specification
{%- for name,users in user_aliases.items() %}
User_Alias {{ name }} = {{ ",".join(users) }}
{%- endfor %}

# Cmnd alias specification
{%- for name,commands in command_aliases.items() %}
Cmnd_Alias {{ name }} = {{ ",".join(commands) }}
{%- endfor %}

# Runas alias specification
{%- for name,runas in runas_aliases.items() %}
Runas_Alias {{ name }} = {{ ",".join(runas) }}
{%- endfor %}

# User privilege specification
{%- for user,spec in users.items() %}
{{ user }} {{ spec }}
{%- endfor %}

# Group privilege specification
{%- for group,spec in groups.items() %}
%{{ group }} {{ spec }}
{%- endfor %}

{% if includedir %}
includedir {{ includedir }}
{% else %}
#includedir /etc/sudoers.d
{% endif %}