Commit b8718d59 authored by Sven-Hendrik Haase's avatar Sven-Hendrik Haase
Browse files

Merge branch 'additional_root_keys' into 'master'

root_ssh: Support multiple SSH keys for the same user + root_ssh: Add additional SSH key for klausenbusk

See merge request archlinux/infrastructure!409
parents e3f4b262 98704c48
......@@ -22,6 +22,7 @@ root_ssh_keys:
- key: svenstaro.pub
- key: anthraxx.pub
- key: klausenbusk.pub
additional_keys: [klausenbusk_2.pub]
# run playbook 'playbooks/tasks/reencrypt-vault-key.yml' when this changes
# before running it, make sure to gpg --lsign-key all of the below keys
......
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCdl/+AxYj/qY/d8gUowSP1hNc2iU4jiTm0o+HkfqLzew6iRDGn9ZvIXkpKbrtG0sPwda/d4It2ykmcKj7i72vFmQ3ez44y1laA8Sr85GT3aedXiBDiPXf7v4p2Otkhd/P++5bfvmbNc7cE4JKKwenDArWI08LANiHKXE2QyU4CWHivLAPxNs5IHFKnj3j/MDAhRa4ViyITTXBwmqhxlQ+MguGKaX14NsGzZTIuRJG28GhBzJR+SRSh4Me/MRchYkIn+2C43CC7ykbGyoy7JadCKte4GwjN0Eg8syKDC2FgH3i1Df19OwqIUz23YYMW9nNz+vIOeTPGRjy87vhTUNB4G+NN9UbLFlYhGsjMqZn6ZXk6kXNFwgty23mq7PpygdSxE5mSili9P1e0dprjLSUPrlfBrUBZ5IDFzoWiIUlqPDDx3Li8zAXrAMGnLMjDa/hLyoNJKXuD4cnoiTxDfDjid59/EV5dC8QB82XvaYj1fnTdt3Wm93sIJfUzSmxPn6BdswPndjJu2HIkP+YFO+gXLviDnFf86e19sTN2geew8+PnKj1y4S1JPL8FIbK41zUUxXh7qNBPR+FHO33HfipDQ/dJPUVJD7b+2wHwFkxvZUkT81blMOPEfTUGtYLlazEyO/2QafENp2Uuj5tXyfsRUxDVjFtaj2+7adNxCZ8w0Q== klausenbusk_2
#jinja2: lstrip_blocks: True
# Arch DevOps keys
{% for user in root_ssh_keys | sort(attribute='key') -%}
{{ lookup('file', '../pubkeys/' + user.key) }}
{% for user in root_ssh_keys | sort(attribute="key") -%}
{% if user.hosts is not defined or inventory_hostname in user.hosts -%}
{{ lookup('file', role_path + '/../../pubkeys/' + user.key ) }}
{% if user.additional_keys is defined %}
{% for key in user.additional_keys | sort -%}
{{ lookup('file', role_path + '/../../pubkeys/' + key ) }}
{% endfor %}
{% endif %}
{% endif %}
{% endfor %}
# Client machines keys
......
......@@ -2,5 +2,10 @@
{% for user in root_ssh_keys | sort(attribute="key") -%}
{% if user.hosts is not defined or inventory_hostname in user.hosts -%}
{{ lookup('file', role_path + '/../../pubkeys/' + user.key ) }}
{% if user.additional_keys is defined %}
{% for key in user.additional_keys | sort -%}
{{ lookup('file', role_path + '/../../pubkeys/' + key ) }}
{% endfor %}
{% endif %}
{% endif %}
{% endfor %}
#jinja2: lstrip_blocks: True
# Arch DevOps keys
{% for user in root_ssh_keys | sort(attribute='key') -%}
{{ lookup('file', '../pubkeys/' + user.key) }}
{% for user in root_ssh_keys | sort(attribute="key") -%}
{% if user.hosts is not defined or inventory_hostname in user.hosts -%}
{{ lookup('file', role_path + '/../../pubkeys/' + user.key ) }}
{% if user.additional_keys is defined %}
{% for key in user.additional_keys | sort -%}
{{ lookup('file', role_path + '/../../pubkeys/' + key ) }}
{% endfor %}
{% endif %}
{% endif %}
{% endfor %}
# Client machines keys
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment