Fix setting SSH-keys: only changed when actually adding keys

waal70
2024-11-03 16:08:41 +01:00
parent a1ae8efa3e
commit 857c37a2c1


@@ -10,7 +10,16 @@
skeleton: /etc/skel skeleton: /etc/skel
append: true append: true
- name: Set the primary key for the unprivileged user, removing any others - name: Check the primary key for the unprivileged user
ansible.posix.authorized_key:
user: "{{ interactive_user }}"
key: "{{ lookup('file', '../home/ssh-keys/{{ interactive_user }}/{{ interactive_user }}-yubi-1.pub') }}"
state: present
exclusive: false
register: setkey
- name: Re-set the primary key as exclusive, if we found that the key was not present yet # noqa: no-handler
when: setkey.changed
ansible.posix.authorized_key: ansible.posix.authorized_key:
user: "{{ interactive_user }}" user: "{{ interactive_user }}"
key: "{{ lookup('file', '../home/ssh-keys/{{ interactive_user }}/{{ interactive_user }}-yubi-1.pub') }}" key: "{{ lookup('file', '../home/ssh-keys/{{ interactive_user }}/{{ interactive_user }}-yubi-1.pub') }}"
@@ -22,6 +31,7 @@
user: "{{ interactive_user }}" user: "{{ interactive_user }}"
key: "{{ lookup('file', '../home/ssh-keys/{{ interactive_user }}/{{ interactive_user }}-yubi-2.pub') }}" key: "{{ lookup('file', '../home/ssh-keys/{{ interactive_user }}/{{ interactive_user }}-yubi-2.pub') }}"
state: present state: present
exclusive: false
- name: Install required package to become unprivileged users - name: Install required package to become unprivileged users
ansible.builtin.apt: ansible.builtin.apt:
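Review bot: Gating the "Re-set the primary key as exclusive" task on `when: setkey.changed` means that once the yubi-1 key is already in authorized_keys, no later run removes other entries, so a key added to the account out of band is never pruned; before this change each run appears to have reset the file. ansible.posix.authorized_key accepts several newline-separated keys in one `key` value, and `exclusive` is documented to apply to that whole batch, so a single task carrying both YubiKey public keys with `exclusive: true` stays idempotent and still enforces the allowed set on every run. The `state`/`exclusive` lines of the gated task and the name of the yubi-2 task lie outside the visible hunks, so I am assuming the gated task sets `exclusive: true`. A sketch that would replace the key tasks in both hunks follows.

```yaml
# … unchanged: user creation task (skeleton / append) …
- name: Set the authorized keys for the unprivileged user, removing any others
  ansible.posix.authorized_key:
    user: "{{ interactive_user }}"
    # Both keys in one batch: exclusive is evaluated against the whole key value.
    key: |-
      {{ lookup('file', '../home/ssh-keys/{{ interactive_user }}/{{ interactive_user }}-yubi-1.pub') }}
      {{ lookup('file', '../home/ssh-keys/{{ interactive_user }}/{{ interactive_user }}-yubi-2.pub') }}
    state: present
    exclusive: true
# … unchanged: "Install required package to become unprivileged users" task …
```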