include:
  - profile.borgbackup.packages

# create users
# home dirs should be /backup/$user

{% for user, key in pillar.get('profile:borgbackup:authorized_keys') %}

user_{{ user }}:
  user.present:
    - name: {{ user }}
    - home: /backup/{{ user }}

/backup/{{ user }}/.ssh:
  file.directory:
    - user: {{ user }}
    - mode: 700

# create */.ssh/authorized_keys  (TODO: maybe with COMMAND=...?)
/backup/{{ user }}/.ssh/authorized_keys:
  file.managed:
    - user: {{ user }}
    - mode: 600
    - contents:
      - {{ key }}

{% endfor %}