Commit 94158499 authored by Jelle van der Waa's avatar Jelle van der Waa 🚧

Merge branch 'install_arch-ssh' into 'master'

install_arch: Use the root_ssh role for adding authorized_key

See merge request !365
parents aa37e4aa 38890b43
Pipeline #7281 passed with stage
in 54 seconds
......@@ -171,18 +171,11 @@
register: chroot_systemd_services
changed_when: "chroot_systemd_services.rc == 0"
- name: assign pubkey list to fact
set_fact: pubkey_list="{{ lookup('file', playbook_dir + "/../../pubkeys/" + item) }}"
register: pubkeys
vars:
playbook_dir: "{{ playbook_dir }}"
with_items: "{{ root_ssh_keys }}"
- name: assign pubkey string to fact
set_fact: pubkey_string={{ pubkeys.results | map(attribute='ansible_facts.pubkey_list') | join('\n') }}
- name: add authorized key for root
authorized_key: user=root key="{{ pubkey_string }}" path=/tmp/root.x86_64/mnt/root/.ssh/authorized_keys exclusive=yes
include_role:
name: root_ssh
vars:
root_ssh_directory: /tmp/root.x86_64/mnt/root/.ssh
- name: configure sshd
template: src=sshd_config.j2 dest=/mnt/etc/ssh/sshd_config owner=root group=root mode=0644
......
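Review bot: The `root_ssh_directory` override on the `add authorized key for root` task is a bare literal, `/tmp/root.x86_64/mnt/root/.ssh`, with nothing saying which filesystem it refers to, while the following `configure sshd` task writes to `/mnt/etc/ssh/sshd_config`. A one-line comment above `vars:` would help, for example `# target system's /root/.ssh, reached through the bootstrap tree under /tmp/root.x86_64`; whether the two paths are the same mount is not visible here and should be confirmed before wording it. The comment should also say that the role writes only the keys whose `hosts` is undefined or contains `inventory_hostname`, so the host being installed has to be covered by at least one entry in `root_ssh_keys`. The task list starts and continues outside this hunk.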
---
root_ssh_directory: /root/.ssh
---
- name: create .ssh directory
file: path={{ root_ssh_directory }} state=directory owner=root group=root mode=0700
- name: add authorized keys for root
template: src=authorized_keys.j2 dest=/root/.ssh/authorized_keys mode=0600 owner=root group=root
template: src=authorized_keys.j2 dest={{ root_ssh_directory }}/authorized_keys mode=0600 owner=root group=root
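Review bot: Both tasks in this file keep the `key=value` argument form, and `dest={{ root_ssh_directory }}/authorized_keys` now places a caller-supplied, unquoted value inside that string, as `path={{ root_ssh_directory }}` does in the directory task. Native YAML arguments keep the path a single quoted scalar whatever it contains. They also let the modes be written as quoted strings, so the permissions on root's `.ssh` directory and key file do not depend on argument splitting or number parsing.

```yaml
- name: create .ssh directory
  file:
    path: "{{ root_ssh_directory }}"
    state: directory
    owner: root
    group: root
    mode: "0700"

- name: add authorized keys for root
  template:
    src: authorized_keys.j2
    dest: "{{ root_ssh_directory }}/authorized_keys"
    owner: root
    group: root
    mode: "0600"
```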
#jinja2: lstrip_blocks: True
{% for user in root_ssh_keys | sort(attribute="key") -%}
{% if user.hosts is not defined or inventory_hostname in user.hosts -%}
{{ lookup('file', '../pubkeys/' + user.key ) }}
{{ lookup('file', role_path + '/../../pubkeys/' + user.key ) }}
{% endif %}
{% endfor %}
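Review bot: Nothing in the template guarantees output: when no entry of `root_ssh_keys` passes the `user.hosts is not defined or inventory_hostname in user.hosts` test, the loop renders an empty file and the role's template task replaces `authorized_keys` with it. Now that install_arch points this role at a system being installed, that would leave root with no accepted key, so the role should fail instead, for instance through an `assert` task placed ahead of the template task that checks at least one entry applies to the host. Separately, `role_path + '/../../pubkeys/'` assumes a `pubkeys` directory two levels above the role directory. A Jinja comment below the `#jinja2:` header line, such as `{# pubkeys/ is looked up two directories above this role #}`, would record that assumption.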