Force sshdns user to non root

author: binary <me@rgoncalves.se> 2021-02-22 12:32:51 +0100
committer: binary <me@rgoncalves.se> 2021-02-22 12:32:51 +0100
commit: dba42efaae5544cf66494a28aa251cb003fee1fb (patch)
tree: 7eb98e2d3475bb0dd03b2986036aacc6c534ce87 /roles
parent: 1caa8046b6c5139726d4342b5ff5c5dda18b7016 (diff)
download: infrastructure-dba42efaae5544cf66494a28aa251cb003fee1fb.tar.gz
1 files changed, 16 insertions, 2 deletions
diff --git a/roles/sshdns/tasks/main.yml b/roles/sshdns/tasks/main.yml
index 0942e68..30cc958 100644
--- a/roles/sshdns/tasks/main.yml
+++ b/roles/sshdns/tasks/main.yml
@@ -4,13 +4,27 @@
 
 ---
 
+- name: get real user
+  shell: logname
+  register: sshdns_user
+  delegate_to: localhost
+
+- name: parse real username
+  set_fact:
+    sshdns_user: "{{ sshdns_user.stdout }}"
+
 - name: create config directory
   file:
-    path: "{{ lookup('env', 'HOME') }}/.ssh/config.d"
+    #path: "{{ lookup('env', 'HOME') }}/.ssh/config.d"
+    path: "/home/{{ sshdns_user }}/.ssh/config.d"
     state: directory
     mode: 0700
+  become: true
+  become_user: "{{ sshdns_user }}"
 
 - name: Generate template to localhost
   template:
     src: templates/generate_dns.j2
-    dest: "{{ lookup('env', 'HOME') }}/.ssh/config.d/ssh_dns"
+    dest: "/home/{{ sshdns_user }}//.ssh/config.d/ssh_dns"
+  become: true
+  become_user: "{{ sshdns_user }}"
author	binary <me@rgoncalves.se>	2021-02-22 12:32:51 +0100
committer	binary <me@rgoncalves.se>	2021-02-22 12:32:51 +0100
commit	dba42efaae5544cf66494a28aa251cb003fee1fb (patch)
tree	7eb98e2d3475bb0dd03b2986036aacc6c534ce87 /roles
parent	1caa8046b6c5139726d4342b5ff5c5dda18b7016 (diff)
download	infrastructure-dba42efaae5544cf66494a28aa251cb003fee1fb.tar.gz