Commit ea9f114d authored by Kristian Klausen's avatar Kristian Klausen 🎉 Committed by Jelle van der Waa
Browse files

root_ssh: Support giving root access to only some hosts

parent 08a77ae3
......@@ -13,13 +13,13 @@ sudo_users:
# deploy tag 'root_ssh' when this changes
root_ssh_keys:
- foutrelis.pub
- freswa.pub
- grazzolini.pub
- heftig.pub
- jelle.pub
- svenstaro.pub
- anthraxx.pub
- key: foutrelis.pub
- key: freswa.pub
- key: grazzolini.pub
- key: heftig.pub
- key: jelle.pub
- key: svenstaro.pub
- key: anthraxx.pub
# run playbook 'playbooks/tasks/reencrypt-vault-key.yml' when this changes
# before running it, make sure to gpg --lsign-key all of the below keys
......
#jinja2: lstrip_blocks: True
{% for user in root_ssh_keys | sort -%}
{{ lookup('file', '../pubkeys/' + user) }}
{% for user in root_ssh_keys | sort(attribute="key") -%}
{% if not user.hosts or inventory_hostname in user.hosts -%}
{{ lookup('file', '../pubkeys/' + user.key ) }}
{% endif %}
{% endfor %}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment