forked from bitlair/ansible
Manage SSH keys with Ansible
This commit is contained in:
parent
eff6091c5a
commit
6fc9d8df96
19 changed files with 49 additions and 0 deletions
1
authorized_keys/ak.keys
Normal file
1
authorized_keys/ak.keys
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZ0ryG8LT5ryjc3tZggVP0cxjXoKOPzUIwmB9Yez+u3nDHc3RdLR0V/BdcVPCJl9vOQwsFaTE34ZEZ3A6qkcSaz2Npxqq0eFtcEAKTy9w41C6jE586jkwkednSK9ObFFZnlSA3ielYeB5bRuELHyvazHWSUGn+/nzuujAYpEABRGAlt0IV2eMugsb1aEs5v8/Hw3REGz6IeNBwlVOzDznGK4N0b1es270k2fpkD0XMRnga7x2eduD74gRYJHo41sKz6kqHFfXjvrH6Efrn5sNtTF7pIkPfeiX4ukDQYG6Ynxgkdbi1pMg5zGjjjRZ0iExKqNi+jtZhVewqFvj66vLX arjan@koopen.net
|
1
authorized_keys/bob.keys
Normal file
1
authorized_keys/bob.keys
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPw0k0OEI/Gf5eM8/S5+R2Xo3pjGiHyRmGZjrNTJs5dtydEM6t1am7EeBRO1bBuxl3zx+MHoQyjA9GtKibv/uB3WridrLqy2b4bjsRvP9WdbrOacXk8ZkUzRgV7qj/szwnByANOw+jXufBuEEoDfmaprWKGKkTcCnbB/e4E069d2fQxClQ3MDNJSJ2n+9MTv79twJjZqJaMs/LR24nfwTaNNdNIeP6dsUpLBHvhvwxxpi67Y63YjZKFI8watC2D1RNhBLZSRM9lW7zzCmm4H+nBSMKBTRVZsXJPDjvT5WLrxbfOEHWtFucFc9lkKg0ZFgmnrQiFpo9Bmra1AlsPE7P bob@xbmc.org
|
1
authorized_keys/eightdot.keys
Normal file
1
authorized_keys/eightdot.keys
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrNJu4DUU1a0aKcUPR5zF9yhqbBIX5zyMCrjMROhsU3DspZKdMLSlfZEtZurGqY0p1dJEkf5p5IWZq4dlKvuNxc9vTSRpSilpo7wLvZGDBBSlZZoigw98h+roDS+2LGOvvItkd70zyXO+ty1fkxKGs/JzE/Sw+4Y5YDZ1VDyWubF5JKT0vvvnw2y5y6u74yu0cGTXTf2mdVzpEHqs9esigHhrmtBT7KJdTO6B7cylk6etIBmylRntd1GZ9+uEsVvh4vZx+sjqdg0YTAlf+4iFA2d5gMru5ZVPGISKQCVtWpO+UJvGeE/ViSLwMlVEKbLSXDyYrj4nnz7KVdHzxDsFN reinder@E5530
|
1
authorized_keys/jeroen.keys
Normal file
1
authorized_keys/jeroen.keys
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAimaAxUzc7TgTXZEmJ2iZOW2eSUqf8mik/ohrMsEq3x9W3BM6m4urWQDvok7JAfUNtQPyfDf404MnMtI0c5U7HSIBSx7Orq4qAIDA5VhvRbSw/4W3rpKl5QfZ9hAfWy6kjjNgZ+IqJiIPmY2d+weRWNVWiBsIluCybc+q8ijNLA9Fr0ftaayBjvuEbTRdB/6VvdvfRzI419yscE2Zj2NgRWVSTSXTDA0VYxo6LULH1YPc0Vj+hucD5h6aPIcdwh8Q+ux4sZOatiy/gH5la8kx7dapPtFG/fLSUOlmvbH1D3J7VZv9lQT3jmaKEo8jKsdIeVOuDo9MzuWQVVXywqkj7IFvdjc66KRpvacc59o3meLKI3D+PvzCCNa7qI6iYATuop+eLlZhRM2LC4EwzHXAm+v84OdZo96m8hVPcBJTzMxWIpZBHZ8rqHC8UMVoS6PPqTU9y8JA22G8NR+MxrU//+fyN99u+95o/IXN+vWSlTqXHpsb4yYovePIhNtLvLCUrYwtITcgpvFI0KhbL3XqJAv2o1qn7dwD2eZsT7J+OLgxf7m1GVJ/cLJU8L9o9YCfe4d/uOzDp/0PACUHcPInSf9JduCfAoHVbnQ5mZbeAlRofkYYNqua8ZnhIW8RWoEX/B5ExKLQQLexo33dutJVIl3nGdfWAn0GyKQz1PuTAeM= jeroen@stroevesoer.nl
|
1
authorized_keys/linor.keys
Normal file
1
authorized_keys/linor.keys
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3GzlxEWjUMN1Q0SoAIcaX1BQ9J0gxrYKniwYGmv1r6cUxNzZEiZLxbNJ9ayK6SLtAXtvELHM19vYcWmXVYcmthM4a5+CKpGb4h4XzJjNeRTeWHfoAWHMKaotNTSzoE5/seIn/Q9sogConW/e+gOPqtVZOidvimo3EjZ0ih3cfbKqe2M38qIS0o1qJx/XvAC9nt8QGDuxyeegkihnDhxY495emd5qLIkrRBDJEbd5sjkuNF3ow4iC+wa2bjD9aOMfax5l2/hHxRfBm2YPMAp1DbuRPz5ZZOOMyJ2mDl9c7SYBzHv5M39Al46z/y1BR030kTMx2UDzOUYX8HxWdOwnt krijnschaap@Krijns-MacBook-Pro.local
|
1
authorized_keys/maeddoc.keys
Normal file
1
authorized_keys/maeddoc.keys
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJFP8joeSTbBsRQnEhu9KaNgciA/gAYdZc5GpgywIRF5 max@e595
|
1
authorized_keys/polyfloyd.keys
Normal file
1
authorized_keys/polyfloyd.keys
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBotjHW+sNMI56uKXA87/zoRU8g7EY+d6bkObb6SyXEB polyfloyd@hephaestus
|
1
authorized_keys/wilco.keys
Normal file
1
authorized_keys/wilco.keys
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq/AHWNITVjD3WZY5XJD20K5cBLbjWuEWJnZQhEtPHrFZESjmGsPYjcPhlYZFzRKazM5d7aM++QhBWFO2fLQJLc9+WNUHWlbsH9xQ0L+mqx3YqDKFNAMU0dQM+x1iDZupD/Hku/1AcXs7gAhOw/kZnSgN5N7d2NWrg6798r6YKN9iawShl7D6Bi+oseVVm0Rf6XIvY6eEV6ez8r94ffUsR/8fHdzBPo7T7wIPQPETXGPWrWWc4cBZJtIsAPluEZirwkEUslvKJBcoLqgyazXghBl0Ifzxh2XY8P27yI+foiM28/bkDtu4XpFpNf23LbQyx0SY3LzFJLJg0uHglV/Kvw== wilcobh@glan
|
|
@ -2,6 +2,7 @@
|
|||
- hosts: bank
|
||||
roles:
|
||||
- common
|
||||
- common-bitlair
|
||||
- bank
|
||||
vars:
|
||||
bank_revbank_git: https://github.com/bitlair/revbank.git
|
||||
|
|
1
bar.yaml
1
bar.yaml
|
@ -4,4 +4,5 @@
|
|||
raspi_rotate_display: "2"
|
||||
roles:
|
||||
- raspi
|
||||
- common-bitlair
|
||||
- bank-terminal
|
||||
|
|
|
@ -2,4 +2,10 @@
|
|||
- hosts: fotos
|
||||
roles:
|
||||
- common
|
||||
- common-bitlair
|
||||
- photos
|
||||
vars:
|
||||
root_access:
|
||||
- ak
|
||||
- linor
|
||||
- polyfloyd
|
||||
|
|
|
@ -13,5 +13,9 @@ trusted_ranges:
|
|||
- { v: ipv6, cidr: "fe80::/10" }
|
||||
- { v: ipv6, cidr: "2a02:166b:92::/48" }
|
||||
|
||||
root_access:
|
||||
- ak
|
||||
- polyfloyd
|
||||
|
||||
mqtt_internal_host: mqtt.bitlair.nl
|
||||
mqtt_public_host: bitlair.nl
|
||||
|
|
|
@ -2,5 +2,6 @@
|
|||
- hosts: monitoring
|
||||
roles:
|
||||
- common
|
||||
- common-bitlair
|
||||
- acme
|
||||
- monitoring
|
||||
|
|
|
@ -2,4 +2,5 @@
|
|||
- hosts: mqtt_internal
|
||||
roles:
|
||||
- common
|
||||
- common-bitlair
|
||||
- mqtt-internal
|
||||
|
|
|
@ -2,6 +2,13 @@
|
|||
- hosts: music
|
||||
roles:
|
||||
- common
|
||||
- common-bitlair
|
||||
- acme
|
||||
- go
|
||||
- music
|
||||
vars:
|
||||
root_access:
|
||||
- ak
|
||||
- bob
|
||||
- eightdot
|
||||
- polyfloyd
|
||||
|
|
1
pad.yaml
1
pad.yaml
|
@ -5,5 +5,6 @@
|
|||
- [ pad.bitlair.nl ]
|
||||
roles:
|
||||
- common
|
||||
- common-bitlair
|
||||
- acme
|
||||
- etherpad
|
||||
|
|
8
roles/common-bitlair/tasks/main.yaml
Normal file
8
roles/common-bitlair/tasks/main.yaml
Normal file
|
@ -0,0 +1,8 @@
|
|||
---
|
||||
- name: Update authorized_keys
|
||||
tags: authorized_keys
|
||||
template:
|
||||
src: authorized_keys.j2
|
||||
dest: /root/.ssh/authorized_keys
|
||||
mode: 0600
|
||||
when: root_access is defined and root_access
|
5
roles/common-bitlair/templates/authorized_keys.j2
Normal file
5
roles/common-bitlair/templates/authorized_keys.j2
Normal file
|
@ -0,0 +1,5 @@
|
|||
# Managed by Ansible
|
||||
|
||||
{% for name in root_access %}
|
||||
{{ lookup('file', 'authorized_keys/'+name+'.keys') }}
|
||||
{% endfor %}
|
|
@ -2,4 +2,10 @@
|
|||
- hosts: services
|
||||
roles:
|
||||
- common
|
||||
- common-bitlair
|
||||
- services
|
||||
vars:
|
||||
root_access:
|
||||
- ak
|
||||
- wilco
|
||||
- polyfloyd
|
||||
|
|
Loading…
Add table
Reference in a new issue