jotbe/ansible-role-common
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request 'Adds option to make authorized_keys exclusive (default: false)' (#3) from feature/exclusive-authorized-keys into master

Browse source 
Reviewed-on: #3
This commit is contained in:
Jan Beilicke 2023-12-10 15:31:44 +01:00
commit a550c49dec
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
defaults/main.yml
View file

@ -20,3 +20,4 @@ enable_sudo: yes
enable_passwordless_sudo: yes enable_passwordless_sudo: yes
# Skip provisioning of the firewall # Skip provisioning of the firewall
skip_firewall: no skip_firewall: no
authorized_keys_are_exclusive: false # Be careful, this will delete non-Ansible-managed authorized keys from the target!

3
tasks/users.yml
View file

@ -44,8 +44,9 @@
user: "{{ item }}" user: "{{ item }}"
state: present state: present
key: "{{ lookup('file', 'public_keys/id_{{ item }}.pub') }}" key: "{{ lookup('file', 'public_keys/id_{{ item }}.pub') }}"
exclusive: "{{ authorized_keys_are_exclusive | bool }}"
with_items: "{{ users }}" with_items: "{{ users }}"
ignore_errors: yes ignore_errors: true
- block: - block:
- name: 'Ensure that wheel group is existing' - name: 'Ensure that wheel group is existing'