Verified Commit 28ef4d28 authored by Florian Pritz's avatar Florian Pritz
Browse files

archusers: Add support for single-host SSH keys



Some of our users have keys that they only want on a few machines and
reconfigure each time we deploy. Now we can configure and deploy such
keys.
Signed-off-by: Florian Pritz's avatarFlorian Pritz <bluewind@xinu.at>
parent 24840e1a
......@@ -13,13 +13,12 @@
state: present
with_dict: "{{ arch_users }}"
- name: create .ssh directory
file: path=/home/{{item.key}}/.ssh state=directory owner={{item.key}} group=users mode=0700
with_dict: "{{ arch_users }}"
- name: configure ssh keys
authorized_key:
user: "{{ item.key }}"
key: "{{ lookup('file', '../pubkeys/' + item.value.ssh_key) }}"
manage_dir: yes
state: present
exclusive: yes
template: src=authorized_keys.j2 dest=/home/{{item.key}}/.ssh/authorized_keys owner={{item.key}} group=users mode=0600
when: item.value.ssh_key is defined
with_dict: "{{ arch_users }}"
......
#jinja2: lstrip_blocks: True
{{ lookup('file', '../pubkeys/' + item.value.ssh_key) }}
{% if item.value.additional_ssh_keys is defined %}
{% for key in item.value.additional_ssh_keys %}
{% if inventory_hostname in key.hosts %}
{{ lookup('file', '../pubkeys/' + key.name) }}
{% endif %}
{% endfor %}
{% endif %}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment