forked from ISTI-ansible-roles/ansible-roles
library/roles/ssh-keys, library/roles/ubuntu-deb-general/tasks/pubkeys.yml: Fix the root ssh keys management.
This commit is contained in:
parent
3e1d3335de
commit
075f946517
|
@ -3,7 +3,7 @@
|
|||
authorized_key: user={{ item.0.name }} key="{{ item.1 }}" state=present
|
||||
when: non_root_users
|
||||
with_subelements:
|
||||
- '{{ ssh_users_list }}'
|
||||
- '{{ ssh_users_list | default ([]) }}'
|
||||
- authorized_keys
|
||||
tags: [ "pubkeys", "ssh_keys" ]
|
||||
|
||||
|
@ -13,6 +13,6 @@
|
|||
- obsolete_ssh_key is defined
|
||||
- non_root_users
|
||||
with_subelements:
|
||||
- '{{ ssh_users_list }}'
|
||||
- '{{ ssh_users_list | default ([]) }}'
|
||||
- authorized_keys
|
||||
tags: [ "pubkeys", "ssh_keys" ]
|
||||
|
|
|
@ -1,12 +1,13 @@
|
|||
---
|
||||
- name: Install the ssh keys for the authorized users
|
||||
authorized_key: user=root key="{{ item }}" state=present
|
||||
with_items: '{{ user_ssh_key }}'
|
||||
with_items: '{{ root_ssh_keys | default([]) }}'
|
||||
when: manage_root_ssh_keys
|
||||
tags: [ 'pubkeys', 'ssh_keys' ]
|
||||
|
||||
- name: Remove obsolete ssh keys if there are any
|
||||
authorized_key: user=root key="{{ item }}" state=absent
|
||||
with_items: '{{ obsolete_ssh_key }}'
|
||||
with_items: '{{ obsolete_root_ssh_keys | default([]) }}'
|
||||
when: obsolete_ssh_key is defined
|
||||
tags: [ 'pubkeys', 'ssh_keys' ]
|
||||
|
||||
|
|
|
@ -1,13 +1,12 @@
|
|||
---
|
||||
# TODO: fetch the keys from ldap
|
||||
- name: various pub ssh keys for users and apps
|
||||
authorized_key: user=root key="{{ item }}" state=present
|
||||
with_items: '{{ root_ssh_keys }}'
|
||||
with_items: '{{ root_ssh_keys | default([]) }}'
|
||||
when: manage_root_ssh_keys
|
||||
tags: root_pubkeys
|
||||
|
||||
- name: Remove obsolete keys from the authorized ones
|
||||
authorized_key: user=root key="{{ item }}" state=absent
|
||||
with_items: '{{ obsolete_root_ssh_keys }}'
|
||||
with_items: '{{ obsolete_root_ssh_keys | default([]) }}'
|
||||
when: obsolete_root_ssh_keys is defined
|
||||
tags: root_pubkeys
|
||||
|
|
Loading…
Reference in New Issue