path: root/roles/sshd_keys/tasks/main.yml
---

# Enumerate the key files on the controller. The task is delegated to
# localhost and runs once, so the registered file list is shared by every
# host in the play. The search descends into subdirectories of sshd_keys__dir.
- name: get ssh keys for all users
  delegate_to: localhost
  run_once: true
  ansible.builtin.find:
    recurse: true
    paths: "{{ sshd_keys__dir }}"
  register: sshd_keys__result_find

# Read the passwd database on the target host. The registered result is what
# the key-installation task checks so that key files without a matching
# account are skipped.
- name: retrieve existing users
  register: sshd_keys__result_getent
  ansible.builtin.getent:
    database: passwd

# One iteration per file returned by the find task. The file's basename is
# taken as the account name and the file's content (read on the controller by
# the file lookup) as that account's complete set of authorized keys.
#
# NOTE(review): the find task recurses, so two files with the same basename in
# different subdirectories map to the same account. `exclusive` is applied per
# loop iteration, so the file processed last would replace the keys installed
# from the earlier one. Confirm basenames are unique under sshd_keys__dir.
# NOTE(review): a file named after a privileged account is applied like any
# other, so write access to sshd_keys__dir on the controller is effectively
# login access to the managed hosts. Confirm it is restricted accordingly.
- name: set authorized key, removing all the authorized keys already set
  loop: "{{ sshd_keys__result_find.files }}"
  loop_control:
    label: "{{ item.path }}"
  # Skip files whose basename is not an account in this host's passwd database.
  when: >-
    (item.path | basename)
    in (sshd_keys__result_getent.ansible_facts.getent_passwd | list)
  ansible.posix.authorized_key:
    user: "{{ item.path | basename }}"
    key: "{{ lookup('file', item.path) }}"
    # exclusive removes every key from the user's authorized_keys that is not
    # in the supplied key string.
    exclusive: true
    state: present