Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Arch Linux
infrastructure
Commits
17ef4af8
Commit
17ef4af8
authored
May 28, 2016
by
Sven-Hendrik Haase
Browse files
Add ssh_keys role
parent
7a931924
Changes
6
Hide whitespace changes
Inline
Side-by-side
playbooks/orion.yml
View file @
17ef4af8
...
...
@@ -7,4 +7,5 @@
-
common
-
tools
-
sshd
-
ssh_keys
-
{
role
:
borg-client
,
backup_host
:
"
root@vostok.archlinux.org"
,
backup_dir
:
"
/backup/orion"
}
playbooks/vostok.yml
View file @
17ef4af8
...
...
@@ -7,4 +7,5 @@
-
common
-
tools
-
sshd
-
ssh_keys
-
{
role
:
borg-server
,
backup_dir
:
"
/backup"
,
backup_clients
:
"
orion"
}
roles/install_arch/file
s/florian.pub
→
pubkey
s/florian.pub
View file @
17ef4af8
File moved
roles/install_arch/file
s/sven.pub
→
pubkey
s/sven.pub
View file @
17ef4af8
File moved
roles/install_arch/tasks/main.yml
View file @
17ef4af8
...
...
@@ -108,9 +108,14 @@
-
name
:
enable services inside chroot
command
:
arch-chroot /mnt systemctl enable sshd systemd-networkd systemd-resolved
-
set_fact
:
pubkey_list="{{ lookup('file', '../pubkeys/' + item) }}"
register
:
pubkeys
with_items
:
"
{{
root_ssh_keys
}}"
-
set_fact
:
pubkey_string={{ pubkeys.results | map(attribute='ansible_facts.pubkey_list') | join('\n') }}
-
name
:
add authorized key for root
authorized_key
:
user=root key="{{ item }}" path=/mnt/root/.ssh/authorized_keys
with_file
:
"
{{
root_ssh_keys
}}"
authorized_key
:
user=root key="{{ pubkey_string }}" path=/mnt/root/.ssh/authorized_keys exclusive=yes
-
name
:
configure sshd
template
:
src=sshd_config.j2 dest=/mnt/etc/ssh/sshd_config owner=root group=root mode=0644
...
...
roles/ssh_keys/tasks/main.yml
0 → 100644
View file @
17ef4af8
---
-
set_fact
:
pubkey_list="{{ lookup('file', '../pubkeys/' + item) }}"
register
:
pubkeys
with_items
:
"
{{
root_ssh_keys
}}"
-
set_fact
:
pubkey_string={{ pubkeys.results | map(attribute='ansible_facts.pubkey_list') | join('\n') }}
-
name
:
add authorized key for root
authorized_key
:
user=root key="{{ pubkey_string }}" exclusive=yes
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment