diff options
-rw-r--r-- | roles/unix_users/tasks/main.yml | 40 |
1 files changed, 39 insertions, 1 deletions
diff --git a/roles/unix_users/tasks/main.yml b/roles/unix_users/tasks/main.yml index ad9095f..d948dc8 100644 --- a/roles/unix_users/tasks/main.yml +++ b/roles/unix_users/tasks/main.yml @@ -6,12 +6,50 @@ shell: "{{ item.shell|default('/bin/bash') }}" system: "{{ item.system|default('no') }}" -- name: add keys to authorized_keys +- name: create ~/.ssh for each user with_items: "{{ unix_users }}" + when: item.ssh_key is defined or item.ssh_key_pub is defined or item.authorized_keys is defined + file: + state: directory + path: "/home/{{ item.username }}/.ssh" + owner: "{{ item.username }}" + group: "{{ item.username }}" + mode: 0755 + +- name: install ssh private keys + with_items: "{{ unix_users }}" + when: item.ssh_key is defined + copy: + content: "{{ item.ssh_key }}" + dest: "/home/{{ item.username }}/.ssh/id_rsa" + owner: "{{ item.username }}" + group: "{{ item.username }}" + mode: 0600 + +- name: install ssh public keys + with_items: "{{ unix_users }}" + when: item.ssh_key_pub is defined + copy: + content: "{{ item.ssh_key_pub }}" + dest: "/home/{{ item.username }}/.ssh/id_rsa.pub" + owner: "{{ item.username }}" + group: "{{ item.username }}" + mode: 0600 + +- name: add keys to authorized_keys (deprecated way) + with_items: "{{ unix_users }}" + when: authkeys_dir != None authorized_key: user: "{{ item.username }}" key: "{{ lookup('file', authkeys_dir + '/' + item.username) }}" +- name: add keys to authorized_keys (new way) + with_items: "{{ unix_users }}" + when: item.authorized_keys is defined + authorized_key: + user: "{{ item.username }}" + key: "{{ item.authorized_keys }}" + - name: give sudo access with_items: "{{ unix_users }}" when: "{{ item.sudo|default(False) }}" |