Manage SSH keys with Ansible

This commit is contained in:
polyfloyd 2024-03-20 20:31:54 +01:00
parent eff6091c5a
commit 6fc9d8df96
19 changed files with 49 additions and 0 deletions

1
authorized_keys/ak.keys Normal file
View file

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZ0ryG8LT5ryjc3tZggVP0cxjXoKOPzUIwmB9Yez+u3nDHc3RdLR0V/BdcVPCJl9vOQwsFaTE34ZEZ3A6qkcSaz2Npxqq0eFtcEAKTy9w41C6jE586jkwkednSK9ObFFZnlSA3ielYeB5bRuELHyvazHWSUGn+/nzuujAYpEABRGAlt0IV2eMugsb1aEs5v8/Hw3REGz6IeNBwlVOzDznGK4N0b1es270k2fpkD0XMRnga7x2eduD74gRYJHo41sKz6kqHFfXjvrH6Efrn5sNtTF7pIkPfeiX4ukDQYG6Ynxgkdbi1pMg5zGjjjRZ0iExKqNi+jtZhVewqFvj66vLX arjan@koopen.net

1
authorized_keys/bob.keys Normal file
View file

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPw0k0OEI/Gf5eM8/S5+R2Xo3pjGiHyRmGZjrNTJs5dtydEM6t1am7EeBRO1bBuxl3zx+MHoQyjA9GtKibv/uB3WridrLqy2b4bjsRvP9WdbrOacXk8ZkUzRgV7qj/szwnByANOw+jXufBuEEoDfmaprWKGKkTcCnbB/e4E069d2fQxClQ3MDNJSJ2n+9MTv79twJjZqJaMs/LR24nfwTaNNdNIeP6dsUpLBHvhvwxxpi67Y63YjZKFI8watC2D1RNhBLZSRM9lW7zzCmm4H+nBSMKBTRVZsXJPDjvT5WLrxbfOEHWtFucFc9lkKg0ZFgmnrQiFpo9Bmra1AlsPE7P bob@xbmc.org

View file

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrNJu4DUU1a0aKcUPR5zF9yhqbBIX5zyMCrjMROhsU3DspZKdMLSlfZEtZurGqY0p1dJEkf5p5IWZq4dlKvuNxc9vTSRpSilpo7wLvZGDBBSlZZoigw98h+roDS+2LGOvvItkd70zyXO+ty1fkxKGs/JzE/Sw+4Y5YDZ1VDyWubF5JKT0vvvnw2y5y6u74yu0cGTXTf2mdVzpEHqs9esigHhrmtBT7KJdTO6B7cylk6etIBmylRntd1GZ9+uEsVvh4vZx+sjqdg0YTAlf+4iFA2d5gMru5ZVPGISKQCVtWpO+UJvGeE/ViSLwMlVEKbLSXDyYrj4nnz7KVdHzxDsFN reinder@E5530

View file

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAimaAxUzc7TgTXZEmJ2iZOW2eSUqf8mik/ohrMsEq3x9W3BM6m4urWQDvok7JAfUNtQPyfDf404MnMtI0c5U7HSIBSx7Orq4qAIDA5VhvRbSw/4W3rpKl5QfZ9hAfWy6kjjNgZ+IqJiIPmY2d+weRWNVWiBsIluCybc+q8ijNLA9Fr0ftaayBjvuEbTRdB/6VvdvfRzI419yscE2Zj2NgRWVSTSXTDA0VYxo6LULH1YPc0Vj+hucD5h6aPIcdwh8Q+ux4sZOatiy/gH5la8kx7dapPtFG/fLSUOlmvbH1D3J7VZv9lQT3jmaKEo8jKsdIeVOuDo9MzuWQVVXywqkj7IFvdjc66KRpvacc59o3meLKI3D+PvzCCNa7qI6iYATuop+eLlZhRM2LC4EwzHXAm+v84OdZo96m8hVPcBJTzMxWIpZBHZ8rqHC8UMVoS6PPqTU9y8JA22G8NR+MxrU//+fyN99u+95o/IXN+vWSlTqXHpsb4yYovePIhNtLvLCUrYwtITcgpvFI0KhbL3XqJAv2o1qn7dwD2eZsT7J+OLgxf7m1GVJ/cLJU8L9o9YCfe4d/uOzDp/0PACUHcPInSf9JduCfAoHVbnQ5mZbeAlRofkYYNqua8ZnhIW8RWoEX/B5ExKLQQLexo33dutJVIl3nGdfWAn0GyKQz1PuTAeM= jeroen@stroevesoer.nl

View file

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3GzlxEWjUMN1Q0SoAIcaX1BQ9J0gxrYKniwYGmv1r6cUxNzZEiZLxbNJ9ayK6SLtAXtvELHM19vYcWmXVYcmthM4a5+CKpGb4h4XzJjNeRTeWHfoAWHMKaotNTSzoE5/seIn/Q9sogConW/e+gOPqtVZOidvimo3EjZ0ih3cfbKqe2M38qIS0o1qJx/XvAC9nt8QGDuxyeegkihnDhxY495emd5qLIkrRBDJEbd5sjkuNF3ow4iC+wa2bjD9aOMfax5l2/hHxRfBm2YPMAp1DbuRPz5ZZOOMyJ2mDl9c7SYBzHv5M39Al46z/y1BR030kTMx2UDzOUYX8HxWdOwnt krijnschaap@Krijns-MacBook-Pro.local

View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJFP8joeSTbBsRQnEhu9KaNgciA/gAYdZc5GpgywIRF5 max@e595

View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBotjHW+sNMI56uKXA87/zoRU8g7EY+d6bkObb6SyXEB polyfloyd@hephaestus

View file

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq/AHWNITVjD3WZY5XJD20K5cBLbjWuEWJnZQhEtPHrFZESjmGsPYjcPhlYZFzRKazM5d7aM++QhBWFO2fLQJLc9+WNUHWlbsH9xQ0L+mqx3YqDKFNAMU0dQM+x1iDZupD/Hku/1AcXs7gAhOw/kZnSgN5N7d2NWrg6798r6YKN9iawShl7D6Bi+oseVVm0Rf6XIvY6eEV6ez8r94ffUsR/8fHdzBPo7T7wIPQPETXGPWrWWc4cBZJtIsAPluEZirwkEUslvKJBcoLqgyazXghBl0Ifzxh2XY8P27yI+foiM28/bkDtu4XpFpNf23LbQyx0SY3LzFJLJg0uHglV/Kvw== wilcobh@glan

View file

@ -2,6 +2,7 @@
- hosts: bank
roles:
- common
- common-bitlair
- bank
vars:
bank_revbank_git: https://github.com/bitlair/revbank.git

View file

@ -4,4 +4,5 @@
raspi_rotate_display: "2"
roles:
- raspi
- common-bitlair
- bank-terminal

View file

@ -2,4 +2,10 @@
- hosts: fotos
roles:
- common
- common-bitlair
- photos
vars:
root_access:
- ak
- linor
- polyfloyd

View file

@ -13,5 +13,9 @@ trusted_ranges:
- { v: ipv6, cidr: "fe80::/10" }
- { v: ipv6, cidr: "2a02:166b:92::/48" }
root_access:
- ak
- polyfloyd
mqtt_internal_host: mqtt.bitlair.nl
mqtt_public_host: bitlair.nl

View file

@ -2,5 +2,6 @@
- hosts: monitoring
roles:
- common
- common-bitlair
- acme
- monitoring

View file

@ -2,4 +2,5 @@
- hosts: mqtt_internal
roles:
- common
- common-bitlair
- mqtt-internal

View file

@ -2,6 +2,13 @@
- hosts: music
roles:
- common
- common-bitlair
- acme
- go
- music
vars:
root_access:
- ak
- bob
- eightdot
- polyfloyd

View file

@ -5,5 +5,6 @@
- [ pad.bitlair.nl ]
roles:
- common
- common-bitlair
- acme
- etherpad

View file

@ -0,0 +1,8 @@
---
- name: Update authorized_keys
tags: authorized_keys
template:
src: authorized_keys.j2
dest: /root/.ssh/authorized_keys
mode: 0600
when: root_access is defined and root_access

View file

@ -0,0 +1,5 @@
# Managed by Ansible
{% for name in root_access %}
{{ lookup('file', 'authorized_keys/'+name+'.keys') }}
{% endfor %}

View file

@ -2,4 +2,10 @@
- hosts: services
roles:
- common
- common-bitlair
- services
vars:
root_access:
- ak
- wilco
- polyfloyd