In my deployment projects, I manage 4 servers as well as their users. My
project consists of 2 pairs of servers. Client communication comes in
through the "proxy server" into the main servers such as A and B. Users or
clients authenticate with their own key pair to gain entry to the proxy
servers. To get from the proxy into the main servers A or B, we generate
our own key pair on the proxy and give access to that key pair on the
main servers. The keys on the pairs are not shared between each other, so
we have the following to do.

Client ------ Client SSH key ------ Proxy server A ------- Proxy Server A key pair ------- Server A
Client ------ Client SSH key ------ Proxy server B ------- Proxy Server B key pair ------- Server B

Currently there is a bug where the keys from Proxy server B get deployed to
Server A. I need the correct proxy keys to be distributed to the correct
servers.
The core problem lies in here:

# roles/proxy_server/tasks/main.yml
# Copy each present user's public key from the proxy to the control machine.
- name: Users | gather keys
  fetch: >
    src=/home/{{ item.user }}/.ssh/id_rsa.pub
    dest=/tmp/fetch/server/keys/{{ item.user }}-id_rsa.pub
    flat=yes
  with_items: "{{ users }}"
  when: item.state == "present"
  tags:
    - users

# roles/main_server/tasks/main.yml
# Install the fetched key for each present user on the main server.
- name: Users | Add public keys from proxies as authorized_keys
  authorized_key:
    user: "{{ item.user }}"
    key: "{{ lookup('file', '/tmp/fetch/server/keys/' + item.user + '-id_rsa.pub') }}"
  with_items: "{{ users }}"
  when: item.state == "present"
  tags:
    - users
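
One way to keep each proxy's key tied to its own main server, as an added example that is not part of the original post or of Ansible's documentation: the fetch destination includes the proxy's `inventory_hostname`, and each main server reads only from the directory of the proxy named in a hypothetical host variable `paired_proxy` (an assumption; it would be set in the inventory).

```yaml
# Added example. Assumed inventory (hypothetical host names and variable):
#   server_a  paired_proxy=proxy_a
#   server_b  paired_proxy=proxy_b

# roles/proxy_server/tasks/main.yml
# Store every proxy's keys under its own directory on the control machine,
# so a key fetched from proxy B can never overwrite one fetched from proxy A.
- name: Users | gather keys into a per-proxy directory
  fetch:
    src: "/home/{{ item.user }}/.ssh/id_rsa.pub"
    dest: "/tmp/fetch/{{ inventory_hostname }}/keys/{{ item.user }}-id_rsa.pub"
    flat: yes
  with_items: "{{ users }}"
  when: item.state == "present"
  tags:
    - users

# roles/main_server/tasks/main.yml
# Stop before touching authorized_keys if the pairing is missing or misspelled,
# rather than silently authorizing a key from some other proxy.
- name: Users | check that this server has a known paired proxy
  assert:
    that:
      - paired_proxy is defined
      - paired_proxy in groups['all']
  tags:
    - users

# Read only from the paired proxy's directory.
- name: Users | authorize the paired proxy's public key
  authorized_key:
    user: "{{ item.user }}"
    key: "{{ lookup('file', '/tmp/fetch/' + paired_proxy + '/keys/' + item.user + '-id_rsa.pub') }}"
    state: present
  with_items: "{{ users }}"
  when: item.state == "present"
  tags:
    - users
```

This does not remove a Proxy server B key that was already written to Server A; that stale entry stays in `authorized_keys` until a separate `authorized_key` task with `state: absent` removes it.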