author | binary <me@rgoncalves.se> | 2020-12-06 15:15:10 +0100 |
---|---|---|
committer | binary <me@rgoncalves.se> | 2020-12-06 15:15:10 +0100 |
commit | 7d6b98e708f9f468a54cfb114bf45cc63a69b9bd (patch) | |
tree | 392be359295b1df9ce0d6baaf266ba29e0bddf9c | |
parent | 06ea085df10929a10e003ab28cf0aed22aaa462e (diff) | |
download | infrastructure-7d6b98e708f9f468a54cfb114bf45cc63a69b9bd.tar.gz |
Add dynamic ssh keys for users based on implicit directories
l--------- | files/pubkeys/puffy/rgoncalves.pub | 1 | ||||
-rw-r--r-- | roles/sshd/tasks/main.yml | 21 |
2 files changed, 22 insertions, 0 deletions
diff --git a/files/pubkeys/puffy/rgoncalves.pub b/files/pubkeys/puffy/rgoncalves.pub
new file mode 120000
index 0000000..f869ceb
--- /dev/null
+++ b/files/pubkeys/puffy/rgoncalves.pub
@@ -0,0 +1 @@
+../rgoncalves.pub
\ No newline at end of file
diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
index 0969429..8c032ee 100644
--- a/roles/sshd/tasks/main.yml
+++ b/roles/sshd/tasks/main.yml
@@ -12,6 +12,27 @@
 group: "{{ group_root }}"
 mode: 0644
 
+- name: get ssh keys for all user
+ find:
+ paths: "{{ inventory_dir }}/files/pubkeys"
+ pattern: "*.pub"
+ recurse: true
+ file_type: link
+ register: keys
+ delegate_to: localhost
+
+- name: show pubkeys
+ debug:
+ var: keys
+
+- name: synchronize ssh keys
+ ansible.posix.authorized_key:
+ user: "{{ item.path | dirname | basename }}"
+ state: present
+ key: "{{ lookup('file', item.path) }}"
+ ignore_errors: true
+ loop: "{{ keys.files }}"
+
 - name: restart sshd
 service:
 name: sshd |
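Review bot: In the `synchronize ssh keys` task, `ignore_errors: true` hides every failure of `ansible.posix.authorized_key`, not only the expected case of a host that lacks the account, so an unreadable key file or a failed write leaves a host without the intended key while the play still reports success. The target account is also taken straight from the directory name (`item.path | dirname | basename`), so any directory under `files/pubkeys` whose name matches a local account, including a system account, receives keys on every host this role runs on. I would drop `ignore_errors` and gate the task on the account existing, for example a preceding `ansible.builtin.getent` task with `database: passwd` and then `when: (item.path | dirname | basename) in getent_passwd`. Because `state: present` only adds keys, deleting a symlink from the repository does not revoke access on hosts; that deserves a comment above the task such as `# NOTE: removing a .pub link does not remove the key from authorized_keys`. The `show pubkeys` debug task looks like leftover development output and could be removed.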