Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Arch Linux
infrastructure
Commits
ea9f114d
Commit
ea9f114d
authored
Apr 01, 2021
by
Kristian Klausen
🎉
Committed by
Jelle van der Waa
Apr 09, 2021
Browse files
root_ssh: Support giving root access to only some hosts
parent
08a77ae3
Changes
2
Hide whitespace changes
Inline
Side-by-side
group_vars/all/root_access.yml
View file @
ea9f114d
...
...
@@ -13,13 +13,13 @@ sudo_users:
# deploy tag 'root_ssh' when this changes
root_ssh_keys
:
-
foutrelis.pub
-
freswa.pub
-
grazzolini.pub
-
heftig.pub
-
jelle.pub
-
svenstaro.pub
-
anthraxx.pub
-
key
:
foutrelis.pub
-
key
:
freswa.pub
-
key
:
grazzolini.pub
-
key
:
heftig.pub
-
key
:
jelle.pub
-
key
:
svenstaro.pub
-
key
:
anthraxx.pub
# run playbook 'playbooks/tasks/reencrypt-vault-key.yml' when this changes
# before running it, make sure to gpg --lsign-key all of the below keys
...
...
roles/root_ssh/templates/authorized_keys.j2
View file @
ea9f114d
#jinja2: lstrip_blocks: True
{% for user in root_ssh_keys | sort -%}
{{ lookup('file', '../pubkeys/' + user) }}
{% for user in root_ssh_keys | sort(attribute="key") -%}
{% if not user.hosts or inventory_hostname in user.hosts -%}
{{ lookup('file', '../pubkeys/' + user.key ) }}
{% endif %}
{% endfor %}
Kristian Klausen
🎉
@klausenbusk
mentioned in merge request
!365 (merged)
·
Apr 27, 2021
mentioned in merge request
!365 (merged)
mentioned in merge request !365
Toggle commit list
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment