From 5c193e30212f77da31f9200cc31458e0ed86cbd0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Reynir=20Bj=C3=B6rnsson?= Date: Thu, 28 Nov 2019 10:50:26 +0100 Subject: [PATCH] Allow for multiple ssh keys This required restructuring users.yml. --- group_vars/all/vars.yml | 20 ++++++++++++-------- roles/ubuntu_base/tasks/users.yml | 24 ++++++++++++++---------- 2 files changed, 26 insertions(+), 18 deletions(-) diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 7b584f5..53cf921 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -1,31 +1,35 @@ --- users: - graffen: + - name: graffen comment: Jesper Hess Nielsen - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCbxFVukt5TIzoB0HX2q8b8lHJmXD1juzsWOu5XkexVDlCsvupa1cZ/OVkrIEAbDKk6RmJQj0TJ2O5+v9hbf0TDi0Pi+V8ADZIgO+OW5a4EeXsU72a4CN0nEocQhUPfQuC4IU+F7icoG2/I9jXg7U6p1LhBr8vlC3cNHnrH3yqrakrUR51/iRVIwo4FKvQg7jutaKTyOjlYa1uTdaczvAzNHWEdytCQgFnkzpR9fHvzkA79qHUD9n32rIpJicRJsHY3NnyDGfBcDv+4sLq15sM9jN83duGnSuMMtZgfSriwMUd/UwVReU2ZKxjMLe3WHB7+ZE/p39OJk/gjVfWJVh/za1/teTAwaLLmxh/HFt+AVYWkCj22fUxscl0dh2zy6Ki1Ua3ApChn6v6Gvng6khobFlxawSJZ49+0KoAl1qqFMR1o9EGWvqgDPuITAqJFN+ik0jxcxfmKrG3mbOYM1ikhJd0ER8wbS8e6NowHUBV7PUyDqxP5VM2gum58IYrDqaP2RYYi9vWWnXJJA8J1t+Wp3bF7fdktyVgkd7HQk02uVkxdMQQ802GCrQQuvJhWTCzrgkgrjPY8p0KcbCNt6jYQOUKV0T2vp6PbTJ5XWKb5u7gVXW1xiP9dYzgAr0DroiTK4xIuF80mv1Rfst0ceHAIQVcQ3GcGbh000QUYzbHT2Q== openpgp:0x265EE03C (Graffen) password: $6$6bgPWZ76LvB$DZ3ipFsFtL2b1nSC0AQ63k8ibJidyIE9iIsWWzY0fux0ynz9L/o7b2sR2XYSaDuG.jewFV36IGStTF3NCZRC30 groups: - sudo + keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCbxFVukt5TIzoB0HX2q8b8lHJmXD1juzsWOu5XkexVDlCsvupa1cZ/OVkrIEAbDKk6RmJQj0TJ2O5+v9hbf0TDi0Pi+V8ADZIgO+OW5a4EeXsU72a4CN0nEocQhUPfQuC4IU+F7icoG2/I9jXg7U6p1LhBr8vlC3cNHnrH3yqrakrUR51/iRVIwo4FKvQg7jutaKTyOjlYa1uTdaczvAzNHWEdytCQgFnkzpR9fHvzkA79qHUD9n32rIpJicRJsHY3NnyDGfBcDv+4sLq15sM9jN83duGnSuMMtZgfSriwMUd/UwVReU2ZKxjMLe3WHB7+ZE/p39OJk/gjVfWJVh/za1/teTAwaLLmxh/HFt+AVYWkCj22fUxscl0dh2zy6Ki1Ua3ApChn6v6Gvng6khobFlxawSJZ49+0KoAl1qqFMR1o9EGWvqgDPuITAqJFN+ik0jxcxfmKrG3mbOYM1ikhJd0ER8wbS8e6NowHUBV7PUyDqxP5VM2gum58IYrDqaP2RYYi9vWWnXJJA8J1t+Wp3bF7fdktyVgkd7HQk02uVkxdMQQ802GCrQQuvJhWTCzrgkgrjPY8p0KcbCNt6jYQOUKV0T2vp6PbTJ5XWKb5u7gVXW1xiP9dYzgAr0DroiTK4xIuF80mv1Rfst0ceHAIQVcQ3GcGbh000QUYzbHT2Q== openpgp:0x265EE03C (Graffen) - valberg: + - name: valberg comment: Vidir Valberg Gudmundsson - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUmGeHc6QXDcJHkmVxbTUv04Q3vs20avquoGr6eOkkvYbcgjuFnBOOtvs2Nul1odcvvnHa1nN7DfL8XJamiwsB1B/xe2seaNS1axgwk9XowlVN9pgga8gsC+4gZWBtSObG2GR8n4NtPENzPmW5deNn8dRpTvULPMxZ0VRE9yNQOx8v8w85yYh+vxbbkWGVDYJU23yuJI50U9y6bXxNHinsACDFBeR/giXDlw29TaOaSxz0R6zrRPBoX+V68RyWwBL+KWQKtX2ULtJI40S98Ohd6p41bIxYHCBS/zroqNne8PjYOLcHHsjHUGfTvhcS5a3zdz/iHsvsaOOjFjsydAXH valberg password: $6$qt3G.E.CxhC$OwBDn4rZUbCz06HLEMBHjgvKjxiv/eeerbklTHi.gpHIn1OejzX3k2.0NM0Dforaw6Yn5Y8Cgn8kL2FdbQLZ3/ groups: - sudo + keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUmGeHc6QXDcJHkmVxbTUv04Q3vs20avquoGr6eOkkvYbcgjuFnBOOtvs2Nul1odcvvnHa1nN7DfL8XJamiwsB1B/xe2seaNS1axgwk9XowlVN9pgga8gsC+4gZWBtSObG2GR8n4NtPENzPmW5deNn8dRpTvULPMxZ0VRE9yNQOx8v8w85yYh+vxbbkWGVDYJU23yuJI50U9y6bXxNHinsACDFBeR/giXDlw29TaOaSxz0R6zrRPBoX+V68RyWwBL+KWQKtX2ULtJI40S98Ohd6p41bIxYHCBS/zroqNne8PjYOLcHHsjHUGfTvhcS5a3zdz/iHsvsaOOjFjsydAXH valberg - reynir: + - name: reynir comment: Reynir Björnsson - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJl8/rikIUnqr9fPF3rE0rjWHCNzte10LvkjGmpdO9ka/NubQ7O25fp08rC+n0d1pUooYwHBAgiv9Hsql6HF9QfNKNUp7IKp7CXWcjb4ga02kuzWGSXjm40Vf0jSadIrJ33M4SeJHTByDGoeYPQBQ7n+qHdwcqJADBQygBuc5sRzxm8i0sbmzF3DJDDVeTJjEY5pfR4vnJlpmU8SC2d1ZkhCjmKCsL0PShntTIt1ztCt0yO71KoHKaNPu1jutGxcU9u7J1pEqcPT6EzU/cQJ4DMVzrGp26nIV0msRl3NeGNjukwXOzAh6KmsmXG7yWFyQmLRqgc/bjUeyhuWJ10vwUbaYVeIef7YrgEOgnkYLIFeWRMhdnwtL/W8g1D66SFx7+iYJj180eTi8Lc8rZm2NaiGynvWlFcJ4PGdTYZsWcFzQ+SaDziNMw1H3IixxdlD8Shw9mxpijJ+A4dH2kkUXyGVsc13zRIU7hq9ax8nrw6HVLGFLn09rEPig+SkyWrqRpRGMBWyqTRJywIV6jk0ll+i8rJZA2McY0rABbACrzXT5VBj5dLKnnRITLDicAYgt7YuEiQ0ffErQrPXXHUVeI0QKnJgplSHxH5QsX9a1Y+NoaoditdMT2bjvEqROi+/JYRycLR/BQV/d2nFPhqwq1x1AFvL4f8UvVH/hxp3PXWw== reynir yubikey password: $6$MiPv.ZFlWnLHGNOb$jdQD9NaPMRUGaP2YHRJNwrMPBGl9qwK0HFhI6x51Xpn7hdzuC4GIwvOw1DJK33sNs/gGP5bWB0izviXkDcq7B0 groups: - sudo + keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJl8/rikIUnqr9fPF3rE0rjWHCNzte10LvkjGmpdO9ka/NubQ7O25fp08rC+n0d1pUooYwHBAgiv9Hsql6HF9QfNKNUp7IKp7CXWcjb4ga02kuzWGSXjm40Vf0jSadIrJ33M4SeJHTByDGoeYPQBQ7n+qHdwcqJADBQygBuc5sRzxm8i0sbmzF3DJDDVeTJjEY5pfR4vnJlpmU8SC2d1ZkhCjmKCsL0PShntTIt1ztCt0yO71KoHKaNPu1jutGxcU9u7J1pEqcPT6EzU/cQJ4DMVzrGp26nIV0msRl3NeGNjukwXOzAh6KmsmXG7yWFyQmLRqgc/bjUeyhuWJ10vwUbaYVeIef7YrgEOgnkYLIFeWRMhdnwtL/W8g1D66SFx7+iYJj180eTi8Lc8rZm2NaiGynvWlFcJ4PGdTYZsWcFzQ+SaDziNMw1H3IixxdlD8Shw9mxpijJ+A4dH2kkUXyGVsc13zRIU7hq9ax8nrw6HVLGFLn09rEPig+SkyWrqRpRGMBWyqTRJywIV6jk0ll+i8rJZA2McY0rABbACrzXT5VBj5dLKnnRITLDicAYgt7YuEiQ0ffErQrPXXHUVeI0QKnJgplSHxH5QsX9a1Y+NoaoditdMT2bjvEqROi+/JYRycLR/BQV/d2nFPhqwq1x1AFvL4f8UvVH/hxp3PXWw== reynir yubikey - deni: + - name: deni comment: Denis Smajlović - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0pB42dtqruXr2Ha8Rdp3QoSrMOLU5cbLMfuNTNmgwPZmprhGGRTAsz8E0aG+5HCFBmW6JxiTGyHGdIZrhYWpKYshxxn4zODfitP7IzDgvg9Pz0Ugw/c5i5eKjkVfw9xLZKjO/H3Ql8R+wFMawpdw7j+Q9G+J3eIidEI6TmSvJVWijBxpLI4qrLceL084qg93XpJENYBOcvx9fYQQ+Es0jo4hmPuHWq5VIkIoIfvVvdhwjlaBsqv2je5BNx8uTMVIyV34ZHpJc95wJ6MOcqpQunW2bR4mGc9FLh67eP2ba9nDoQ0pnnlWGqAIKx5P1ELIg7RM3HhuwfRVh4DxCfjXpMz3l1gr1dA1wVD9bOtzbPWLjo7LNkRcT/loba/jpznTNIEv+kawmm/H0aTZZdlofkGHuX0iOpLV1c1tCDMH1s/MCqwosSRihrXhSOozsABvaaZpJiHcpE4DcNr+xJhe1XrHMqR30KU0r7ulIP8JdhzMNEsq3HxZQh9s8XLIUukrpcpOgJYyGuQK3kG6li5kYbmVqjLDQ1xHi/4r/4TXjJYpsFCZ71SURLzxoF1nauHpBLKcHI3MPFvqr27SQcM92fO14wKDAmAtHINwzMQjlda6B0jFNC+2xUfHrH7yIhwSktytq5qbhiFKK71DSLiMKFvOqoTVWRckO2+Zw1HZB+Q== deni@deni.dk password: $6$ooKtdqASOxYJN2CJ$ziMrGG/qIOeyiTGjx.hPYjVBlHpzM9YY6qCJB9/L8aR33feUvXxZNBCgME93ZhbwDBjblS/tP796LsCF4i17D. groups: - sudo + keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0pB42dtqruXr2Ha8Rdp3QoSrMOLU5cbLMfuNTNmgwPZmprhGGRTAsz8E0aG+5HCFBmW6JxiTGyHGdIZrhYWpKYshxxn4zODfitP7IzDgvg9Pz0Ugw/c5i5eKjkVfw9xLZKjO/H3Ql8R+wFMawpdw7j+Q9G+J3eIidEI6TmSvJVWijBxpLI4qrLceL084qg93XpJENYBOcvx9fYQQ+Es0jo4hmPuHWq5VIkIoIfvVvdhwjlaBsqv2je5BNx8uTMVIyV34ZHpJc95wJ6MOcqpQunW2bR4mGc9FLh67eP2ba9nDoQ0pnnlWGqAIKx5P1ELIg7RM3HhuwfRVh4DxCfjXpMz3l1gr1dA1wVD9bOtzbPWLjo7LNkRcT/loba/jpznTNIEv+kawmm/H0aTZZdlofkGHuX0iOpLV1c1tCDMH1s/MCqwosSRihrXhSOozsABvaaZpJiHcpE4DcNr+xJhe1XrHMqR30KU0r7ulIP8JdhzMNEsq3HxZQh9s8XLIUukrpcpOgJYyGuQK3kG6li5kYbmVqjLDQ1xHi/4r/4TXjJYpsFCZ71SURLzxoF1nauHpBLKcHI3MPFvqr27SQcM92fO14wKDAmAtHINwzMQjlda6B0jFNC+2xUfHrH7yIhwSktytq5qbhiFKK71DSLiMKFvOqoTVWRckO2+Zw1HZB+Q== deni@deni.dk volume_root_folder: "/docker-volumes" diff --git a/roles/ubuntu_base/tasks/users.yml b/roles/ubuntu_base/tasks/users.yml index 1608901..4e9954c 100644 --- a/roles/ubuntu_base/tasks/users.yml +++ b/roles/ubuntu_base/tasks/users.yml @@ -1,21 +1,25 @@ --- - name: "Add users" user: - name: "{{ item.key }}" - comment: "{{ item.value.comment }}" - password: "{{ item.value.password }}" + name: "{{ item.name }}" + comment: "{{ item.comment }}" + password: "{{ item.password }}" update_password: "on_create" - groups: "{{ item.value.groups }}" - with_dict: "{{ users | default({}) }}" + groups: "{{ item.groups }}" + loop: "{{ users | default([]) }}" - name: "Add ssh authorized_keys" authorized_key: - user: "{{ item.key }}" - key: "{{ item.value.key }}" - with_dict: "{{ users | default({}) }}" + user: "{{ item.0.name }}" + key: "{{ item.1 }}" + with_subelements: + - "{{ users | default([]) }}" + - keys - name: "Add ssh authorized_keys to root user" authorized_key: user: "root" - key: "{{ item.value.key }}" - with_dict: "{{ users | default({}) }}" + key: "{{ item.1 }}" + with_subelements: + - "{{ users | default([]) }}" + - keys