From 1e1255a1fa24efd48c353b517d99e49f08b63b0c Mon Sep 17 00:00:00 2001 From: Paul Belanger Date: Sat, 26 Jan 2019 18:41:28 -0500 Subject: [PATCH] Add authorized_keys support It is possible people also want to setup the .ssh/authorized_keys file. Change-Id: I039f5b866192bb5309bff23f4811cdf83ba859af Signed-off-by: Paul Belanger --- defaults/main.yaml | 4 ++++ tasks/config.yaml | 10 ++++++++++ templates/authorized_keys.j2 | 4 ++++ 3 files changed, 18 insertions(+) create mode 100644 templates/authorized_keys.j2 diff --git a/defaults/main.yaml b/defaults/main.yaml index bf129a3..4222854 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -21,6 +21,10 @@ ssh_user_name: ssh_user_home: "/home/{{ ssh_user_name }}" ssh_user_group: "{{ ssh_user_name }}" +ssh_authorized_keys_content: +ssh_authorized_keys_dest: "{{ ssh_user_home }}/.ssh/authorized_keys" +ssh_authorized_keys_src: authorized_keys.j2 + ssh_key_private_content: ssh_key_private_dest: "{{ ssh_user_home }}/.ssh/id_rsa" ssh_key_private_src: id_rsa.j2 diff --git a/tasks/config.yaml b/tasks/config.yaml index c3af9c7..1ca6b04 100644 --- a/tasks/config.yaml +++ b/tasks/config.yaml @@ -21,6 +21,16 @@ owner: "{{ ssh_user_name }}" state: directory +- name: Create ssh authorized_keys file + become: yes + template: + dest: "{{ ssh_authorized_keys_dest }}" + group: "{{ ssh_user_group }}" + mode: 0600 + owner: "{{ ssh_user_name }}" + src: "{{ ssh_authorized_keys_src }}" + when: ssh_authorized_keys_content | default(False) + - name: Create ssh known_hosts file become: yes template: diff --git a/templates/authorized_keys.j2 b/templates/authorized_keys.j2 new file mode 100644 index 0000000..0409ecc --- /dev/null +++ b/templates/authorized_keys.j2 @@ -0,0 +1,4 @@ +# This file is generated by Ansible +# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN +# +{{ ssh_authorized_keys_content }}