library/roles/ssh-keys, library/roles/ubuntu-deb-general/tasks/pubkeys.yml: Fix the root ssh keys management.

This commit is contained in:
Andrea Dell'Amico 2016-03-07 15:47:16 +01:00
parent 3e1d3335de
commit 075f946517
3 changed files with 7 additions and 7 deletions

View File

@ -3,7 +3,7 @@
authorized_key: user={{ item.0.name }} key="{{ item.1 }}" state=present authorized_key: user={{ item.0.name }} key="{{ item.1 }}" state=present
when: non_root_users when: non_root_users
with_subelements: with_subelements:
- '{{ ssh_users_list }}' - '{{ ssh_users_list | default ([]) }}'
- authorized_keys - authorized_keys
tags: [ "pubkeys", "ssh_keys" ] tags: [ "pubkeys", "ssh_keys" ]
@ -13,6 +13,6 @@
- obsolete_ssh_key is defined - obsolete_ssh_key is defined
- non_root_users - non_root_users
with_subelements: with_subelements:
- '{{ ssh_users_list }}' - '{{ ssh_users_list | default ([]) }}'
- authorized_keys - authorized_keys
tags: [ "pubkeys", "ssh_keys" ] tags: [ "pubkeys", "ssh_keys" ]

View File

@ -1,12 +1,13 @@
--- ---
- name: Install the ssh keys for the authorized users - name: Install the ssh keys for the authorized users
authorized_key: user=root key="{{ item }}" state=present authorized_key: user=root key="{{ item }}" state=present
with_items: '{{ user_ssh_key }}' with_items: '{{ root_ssh_keys | default([]) }}'
when: manage_root_ssh_keys
tags: [ 'pubkeys', 'ssh_keys' ] tags: [ 'pubkeys', 'ssh_keys' ]
- name: Remove obsolete ssh keys if there are any - name: Remove obsolete ssh keys if there are any
authorized_key: user=root key="{{ item }}" state=absent authorized_key: user=root key="{{ item }}" state=absent
with_items: '{{ obsolete_ssh_key }}' with_items: '{{ obsolete_root_ssh_keys | default([]) }}'
when: obsolete_ssh_key is defined when: obsolete_ssh_key is defined
tags: [ 'pubkeys', 'ssh_keys' ] tags: [ 'pubkeys', 'ssh_keys' ]

View File

@ -1,13 +1,12 @@
--- ---
# TODO: fetch the keys from ldap
- name: various pub ssh keys for users and apps - name: various pub ssh keys for users and apps
authorized_key: user=root key="{{ item }}" state=present authorized_key: user=root key="{{ item }}" state=present
with_items: '{{ root_ssh_keys }}' with_items: '{{ root_ssh_keys | default([]) }}'
when: manage_root_ssh_keys when: manage_root_ssh_keys
tags: root_pubkeys tags: root_pubkeys
- name: Remove obsolete keys from the authorized ones - name: Remove obsolete keys from the authorized ones
authorized_key: user=root key="{{ item }}" state=absent authorized_key: user=root key="{{ item }}" state=absent
with_items: '{{ obsolete_root_ssh_keys }}' with_items: '{{ obsolete_root_ssh_keys | default([]) }}'
when: obsolete_root_ssh_keys is defined when: obsolete_root_ssh_keys is defined
tags: root_pubkeys tags: root_pubkeys