Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • antiz/infrastructure
  • okabe/infrastructure
  • eworm/infrastructure
  • polyzen/infrastructure
  • pitastrudl/infrastructure
  • sjon/infrastructure
  • torxed/infrastructure
  • jinmiaoluo/infrastructure
  • moson/infrastructure
  • serebit/infrastructure
  • ivabus/infrastructure
  • lb-wilson/infrastructure
  • gromit/infrastructure
  • matt-1-2-3/infrastructure
  • jocke-l/infrastructure
  • alucryd/infrastructure
  • maximbaz/infrastructure
  • ainola/infrastructure
  • segaja/infrastructure
  • nl6720/infrastructure
  • peanutduck/infrastructure
  • aminvakil/infrastructure
  • xenrox/infrastructure
  • felixonmars/infrastructure
  • denisse/infrastructure
  • artafinde/infrastructure
  • jleclanche/infrastructure
  • kpcyrd/infrastructure
  • metalmatze/infrastructure
  • kevr/infrastructure
  • dvzrv/infrastructure
  • dhoppe/infrastructure
  • ekkelett/infrastructure
  • seblu/infrastructure
  • lahwaacz/infrastructure
  • klausenbusk/infrastructure
  • alerque/infrastructure
  • hashworks/infrastructure
  • foxboron/infrastructure
  • shibumi/infrastructure
  • lambdaclan/infrastructure
  • ffy00/infrastructure
  • freswa/infrastructure
  • archlinux/infrastructure
44 results
Show changes
Commits on Source (3)
......@@ -572,3 +572,9 @@ arch_users:
ssh_key: yan12125.pub
groups:
- tu
# utility accounts to protect from the "disable ssh keys of disabled users" task
utility_users:
gemini.archlinux.org:
- svn-packages
- svn-community
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHo656zZGq2lK/AhoACM6v6h8rwCbWG4YVwlFjh9es8X dave@dvzrv
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGqlGt8LVYWzSoewv4Gf7W07BdRuj+3vApq+9Wdvvti openpgp:0xB551DFD6
......@@ -39,8 +39,9 @@
find: paths="/home" file_type="directory"
register: all_users
# TODO: this removes the keys of svn-packages and svn-community on gemini temporarily. add some form of whitelist for those users?
- name: disable ssh keys of disabled users
file: path="/home/{{ item }}/.ssh/authorized_keys" state=absent
when: item not in (arch_users_filtered | map(attribute='key'))
when:
- item not in (arch_users_filtered | map(attribute='key'))
- item not in (utility_users[inventory_hostname] | default([]))
with_items: "{{ all_users.files | map(attribute='path') | map('basename') | list }}"