roles/sshd_keys/tasks/main.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

---

- name: get ssh keys for all users
  ansible.builtin.find:
    paths: "{{ sshd_keys_paths }}"
    file_type: link
    recurse: true
  delegate_to: localhost
  run_once: true
  register: sshd_keys_result_find

- name: set sshd_keys_found_users variable
  ansible.builtin.set_fact:
    sshd_keys_found_users: "{{ sshd_keys_result_find.files
      | map(attribute='path')
      | map('dirname')
      | map('basename')
      | unique }}"

- name: create groups for users with ssh keys
  ansible.builtin.group:
    name: "{{ item }}"
    state: present
  loop: "{{ sshd_keys_found_users }}"

- name: create users with ssh keys
  ansible.builtin.user:
    name: "{{ item }}"
    group: "{{ item }}"
    state: present
  loop: "{{ sshd_keys_found_users }}"

- name: synchronize ssh keys
  ansible.posix.authorized_key:
    user: "{{ item.path | dirname | basename }}"
    state: present
    key: "{{ lookup('file', item.path) }}"
  loop_control:
    label: "{{ item.path }}: {{ item.path | dirname | basename }}"
  loop: "{{ sshd_keys_result_find.files }}"
  failed_when: false