
  1. ---
  # Play: apply the root_user and users roles to hosts matching servers,
  # desktops and laptops, connecting as root.
  - hosts:
      - servers
      - desktops
      - laptops
    remote_user: root
    roles:
      # 'role' is the same key as 'name' for a role entry.
      - role: root_user
      - role: users
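  # Play: on desktops and laptops, pull each machine's ed25519 SSH host
  # public key to the controller and deploy the system-wide SSH client files.
  - hosts: desktops:laptops
    remote_user: root
    tasks:
      # fetch writes to <dest>/<inventory_hostname>/<src path> on the
      # controller. NOTE(review): presumably ssh_known_hosts.j2 is rendered
      # from these copies; the template is not shown here, confirm.
      # The keys travel over the connection Ansible already uses, so they are
      # only as trustworthy as the host verification done for that connection.
      - name: fetch ssh host public key
        fetch:
          src: /etc/ssh/ssh_host_ed25519_key.pub
          dest: "host_files/{{ inventory_hostname }}"

      - name: /etc/ssh/ssh_config
        template:
          src: ssh_config.j2
          dest: /etc/ssh/ssh_config
          # Explicit mode so a newly created file does not depend on the
          # remote umask and is never group/world-writable; same value as
          # the ssh_known_hosts task in this play.
          mode: 'u=rw,g=r,o=r'

      - name: /etc/ssh/ssh_known_hosts
        template:
          src: ssh_known_hosts.j2
          dest: /etc/ssh/ssh_known_hosts
          mode: 'u=rw,g=r,o=r'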
  # Play: on every host, copy each user's ed25519 public key to the
  # controller and remove the per-user known_hosts files.
  - hosts:
      - servers
      - desktops
      - laptops
    remote_user: root
    tasks:
      # One fetch per key of the 'users' variable; the files land under
      # host_files/<inventory_hostname>/home/<user>/.ssh/ on the controller.
      # fail_on_missing makes the task fail for a host where a user has no
      # key at that path.
      - name: fetch ssh public keys
        fetch:
          src: "/home/{{item}}/.ssh/id_ed25519.pub"
          dest: host_files
          fail_on_missing: true
        loop: "{{ users.keys() | list }}"

      # shell (not command) because the '*' has to be expanded on the target.
      # failed_when: false means this task never reports a failure: neither
      # when no file matches nor when rm fails for another reason.
      - name: delete ssh known hosts user files
        shell: rm /home/*/.ssh/known_hosts
        failed_when: false
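  # Play: on the servers, install for each user an authorized_keys file
  # built from the public keys previously fetched into host_files/.
  - hosts:
      - servers
    remote_user: root
    tasks:
      # Runs on the controller, once per server and per user. The fish glob
      # concatenates that user's key from every host directory under
      # host_files/. The user name is interpolated into a shell command line,
      # so the keys of 'users' must come from controlled inventory data.
      # The task only reads files, hence changed_when: false.
      - name: read ssh public keys
        local_action: command fish -c 'cat host_files/*/home/{{item}}/.ssh/id_ed25519.pub'
        loop: "{{ users.keys() | list }}"
        register: _ssh_public_keys
        changed_when: false

      # copy with 'content' rewrites the whole file: any key not present in
      # host_files/ is dropped from authorized_keys.
      # selectattr picks the registered result of the current user without
      # building a query string from the user name, so a name containing a
      # quote cannot alter the selection, and jmespath is not needed.
      # owner and mode are set together: a file readable only by its owner
      # must belong to the account that logs in.
      # NOTE(review): assumes the login name equals the key in 'users', as
      # the /home/<user> path already does; confirm.
      - name: authorize ssh public keys
        copy:
          content: "{{ _ssh_public_keys.results | selectattr('item', 'equalto', item) | map(attribute='stdout') | join('\n') }}"
          dest: "/home/{{ item }}/.ssh/authorized_keys"
          owner: "{{ item }}"
          mode: 'u=rw,g=,o='
        loop: "{{ users.keys() | list }}"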