commit cc71a09c80bda58a8ad9058483c7b79513b9d923
parent e203649169c6b539339b4b7c3490d58bec957525
Author: Leah (ctucx) <leah@ctu.cx>
Date: Wed, 10 Mar 2021 00:38:23 +0100
parent e203649169c6b539339b4b7c3490d58bec957525
Author: Leah (ctucx) <leah@ctu.cx>
Date: Wed, 10 Mar 2021 00:38:23 +0100
roles/common/user: allow setting of ssh-keys for root user
1 file changed, 25 insertions(+), 3 deletions(-)
diff --git a/roles/common/tasks/users.yml b/roles/common/tasks/users.yml @@ -11,9 +11,10 @@ append: yes name: "{{ item.name }}" group: "{{ item.name }}" - groups: "{{ item.groups }}" + groups: "{{ item.groups | default() }}" shell: "{{ item.shell | default('/bin/sh') }}" password: "{{item.password | password_hash('sha512', 'uD7ieghugeigh4eisoimoa3iushaeshechoonaequah5eiquerohph9paexai7oh') }}" + when: item.name != 'root' loop: "{{ system.users }}" - name: "Create ~/.ssh directory for users" @@ -23,6 +24,7 @@ mode: 0755 owner: "{{ item.name }}" group: "{{ item.name }}" + when: item.name != 'root' loop: "{{ system.users }}" - name: "Place ssh-key for users" @@ -32,4 +34,25 @@ mode: 0644 owner: "{{ item.name }}" group: "{{ item.name }}" - loop: "{{ system.users }}"- \ No newline at end of file + when: item.name != 'root' + loop: "{{ system.users }}" + +- name: "Create ~/.ssh directory for root" + file: + state: directory + dest: "/root/.ssh/" + mode: 0755 + owner: "{{ item.name }}" + group: "{{ item.name }}" + when: item.name == 'root' + loop: "{{ system.users }}" + +- name: "Place ssh-key for root" + copy: + content: "{{ item.allowedSshKeys | join('\n') }}" + dest: "/root/.ssh/authorized_keys" + mode: 0644 + owner: "{{ item.name }}" + group: "{{ item.name }}" + when: item.name == 'root' + loop: "{{ system.users }}"