
Add new mechanismeus: github keys

It is now possible to add users via github username \o/
master
L3D 11 months ago
parent
commit
ac63a664c7
No known key found for this signature in database
5 changed files with 41 additions and 1 deletions
  1. +8
    -0
      README.md
  2. +3
    -0
      defaults/main.yml
  3. +23
    -0
      tasks/github_user.yml
  4. +6
    -0
      tasks/main.yml
  5. +1
    -1
      vars/main.yml

+ 8
- 0
README.md View File

@@ -35,6 +35,8 @@ If the user does not exist it is hard to add a ssh key for him!

For aditional variables please have a look into ``defaults/main.yml``!

To add extra SSH Keys from github to a user use the ``github_users: {}`` settings

Files
-----

@@ -84,6 +86,12 @@ accounts:
- eve
```

Add ssh keys from github user ``DO1JLR`` for local user L3D
```
github_users:
l3d:
- do1jlr
```
Generate ed25519 SSH Keys
--------------------------------


+ 3
- 0
defaults/main.yml View File

@@ -11,6 +11,9 @@ admins_ssh_root_prefix: "{{ admins }}"
# all users including their ssh keys, which may want to log in
users: {}

# user keys from github
github_users: []

# all users who should be available on this host
accounts: []
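Review bot: The default `github_users: []` is a list, but the README hunk documents the setting as `github_users: {}` and the new include in tasks/main.yml iterates it with `with_dict`, which expects a mapping. Depending on the Ansible release, an empty list may either produce zero iterations or fail with a type error, so the default should be `github_users: {}`. The comment above it could also say what the mapping holds, e.g. `# local user name -> list of GitHub account names whose public keys are authorized for that user`.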


+ 23
- 0
tasks/github_user.yml View File

@@ -0,0 +1,23 @@
---

- name: Extract local and remote user names
set_fact:
local_user: '{{ local_user_data.key }}'
remote_users: '{{ local_user_data.value }}'

- name: 'Setup .ssh for user {{ local_user }}'
become: yes
file:
path: '/home/{{ local_user }}/.ssh/'
state: directory
owner: '{{ local_user }}'
group: '{{ local_user }}'
mode: 'u=rwx,g=,o='

- name: 'Add ssh keys for user {{ local_user }}'
become: yes
authorized_key:
user: '{{ local_user }}'
state: present
key: 'https://github.com/{{ items }}.keys'
with_items: '{{ remote_users }}'
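Review bot: The `key:` URL in the last task interpolates `{{ items }}`, but `with_items` exposes each element as `item`, so the template as written does not resolve to the GitHub account name; it should read `key: 'https://github.com/{{ item }}.keys'`. Beyond that, this task makes SSH access to the host follow whatever keys the named GitHub account publishes at run time: a mistyped or later-renamed account name authorizes someone else's keys, and with `state: present` a key the owner removes from GitHub stays in `authorized_keys`. A comment above the task stating that trust relationship, plus an `assert` that every entry in `remote_users` is a non-empty string before the URL is built, would make it explicit. The directory task also hard-codes `/home/{{ local_user }}/.ssh/`, which does not hold for accounts whose home directory is elsewhere.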

+ 6
- 0
tasks/main.yml View File

@@ -8,6 +8,12 @@
loop_control:
loop_var: local_user_data

- name: Setup local users ssh keys from github
include_tasks: github_user.yml
with_dict: '{{ github_users }}'
loop_control:
loop_var: local_user_data

- include_tasks: delete_keys.yml
when: manage_all_keys | bool
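Review bot: The new include runs immediately before `delete_keys.yml`, and nothing visible in this hunk shows whether that file accounts for keys fetched from GitHub. If `manage_all_keys` is meant to enforce an exclusive key set, those keys are either removed again on every run or sit outside the enforcement; which one applies should be confirmed and recorded above the include, e.g. `# NOTE: confirm delete_keys.yml keeps (or deliberately removes) keys added from github_users`. The hunk begins inside the preceding task (its `loop_control` lines), so only the new include is reviewed here.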


+ 1
- 1
vars/main.yml View File

@@ -1,4 +1,4 @@
---
playbook_version_number: 9001 # should be over ninethousand
playbook_version_number: 9002 # should be over ninethousand
playbook_version_path: 'users-and-ssh-keys_chaos-bodensee_github.com.version'
restict_ssh_user_access: false
