On 2/5/20 10:54 PM, Daniel Nanboe wrote:
> I have an inventory file where for one host I have defined the users and keys
> that I want to use in a playbook:
>
> |
> sftp_users:
> -remote_user:prod
> state:present
> long_name:prod user
> ssh_key:
> -prodkey_1
> -prodkey_2
> -remote_user:test
> state:present
> long_name:test user
> ssh_key:
> -testkey
> |
> |
> |
>
> I want then to add to each user one or multiple ssh keys that I have located
> in the repository from where I run the script.
>
> I know that authorized_key on the key: need to have joined the both keys from
> an user.
>
> This is what I have no but it takes only the last key and not both.
>
> |
> -name:Createsftp user authorized_key entries.
> authorized_key:
> comment:"{{ item.1 | default('') }}"
> exclusive:false
> key:"{{ lookup('file', GIT_HOME + '/config/clients/client/ssh_keys/{{
> item.1 }}.pub') }}"
> manage_dir:true
> user:"{{ item.0.remote_user }}"
> become:true
> when:(item.0.state!="absent")
> with_subelements:
> -"{{ sftp_users }}"
> -ssh_key
The authorized_key module should be able to handle multiple keys for a remote
user, there is no need to "join" them.
I'm using the following task successfully:
- name: Add SSH keys
authorized_key:
user: "{{ item.0.username }}"
key: "{{ lookup('file', users_inventory_dir + '/files/ssh-keys/' + item.1 +
'-ssh.pub') }}"
state: present
loop: "{{ users | subelements('ssh_keys', {'skip_missing': True})}}"
tags:
- users
Regards
Racke
> |
> |
> |
>
> Any ideas on how I can concatenate the 2 or more keys for one client?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
> [email protected]
> <mailto:[email protected]>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f9448fd3-8a41-45d4-98dd-157f3600bf6f%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/f9448fd3-8a41-45d4-98dd-157f3600bf6f%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/f1ab2004-e33f-c511-8d41-527a28bcf7aa%40linuxia.de.
signature.asc
Description: OpenPGP digital signature
