Du kannst nicht mehr als 25 Themen auswählen
Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
Dieses Repo ist archiviert. Du kannst Dateien sehen und es klonen, kannst aber nicht pushen oder Issues/Pull-Requests öffnen.
|
- ---
-
- - hosts:
- - servers
- - desktops
- - laptops
- remote_user: root
- roles:
- - name: root_user
- - name: users
-
- - hosts: desktops:laptops
- remote_user: root
- tasks:
- - fetch:
- src: /etc/ssh/ssh_host_ed25519_key.pub
- dest: host_files/{{ inventory_hostname }}
- - name: /etc/ssh/ssh_config
- template:
- src: ssh_config.j2
- dest: /etc/ssh/ssh_config
- - name: /etc/ssh/ssh_known_hosts
- template:
- src: ssh_known_hosts.j2
- dest: /etc/ssh/ssh_known_hosts
- mode: 'u=rw,g=r,o=r'
-
- - hosts:
- - servers
- - desktops
- - laptops
- remote_user: root
- tasks:
-
- - name: fetch ssh public keys
- fetch:
- src: /home/{{item}}/.ssh/id_ed25519.pub
- dest: host_files
- fail_on_missing: yes
- loop: "{{ users.keys() | list }}"
-
- - name: delete ssh known hosts user files
- shell: rm /home/*/.ssh/known_hosts
- failed_when: false
-
- - hosts:
- - servers
- remote_user: root
- tasks:
- - name: read ssh public keys
- local_action: command fish -c 'cat host_files/*/home/{{item}}/.ssh/id_ed25519.pub'
- loop: "{{ users.keys() | list }}"
- register: _ssh_public_keys
-
- - name: authorize ssh public keys
- copy:
- content: "{{ _ssh_public_keys | json_query(\"results[?item=='\"+item+\"'].stdout\") | join(\"\n\") }}"
- dest: /home/{{item}}/.ssh/authorized_keys
- loop: "{{ users.keys() | list }}"
|
