From 9977d7c5f98e3312b56350fc9fe2ea137d0902bb Mon Sep 17 00:00:00 2001 From: Yujun Zhang Date: Thu, 13 Oct 2016 15:58:10 +0800 Subject: Add ssh users with ansible roles Change-Id: I10a9f1ed2fbc1fbef5d488263b25d482fcaa320b Signed-off-by: Yujun Zhang --- supporting/servers/roles/ssh/defaults/main.yml | 4 ++++ .../servers/roles/ssh/files/taseer.authorized_keys | 1 + .../servers/roles/ssh/files/yujunz.authorized_keys | 1 + supporting/servers/roles/ssh/tasks/main.yml | 26 ++++++++++++++++++++++ supporting/servers/ssh.yml | 4 ++++ 5 files changed, 36 insertions(+) create mode 100644 supporting/servers/roles/ssh/defaults/main.yml create mode 100644 supporting/servers/roles/ssh/files/taseer.authorized_keys create mode 100644 supporting/servers/roles/ssh/files/yujunz.authorized_keys create mode 100644 supporting/servers/roles/ssh/tasks/main.yml create mode 100644 supporting/servers/ssh.yml diff --git a/supporting/servers/roles/ssh/defaults/main.yml b/supporting/servers/roles/ssh/defaults/main.yml new file mode 100644 index 00000000..ed3fbe6e --- /dev/null +++ b/supporting/servers/roles/ssh/defaults/main.yml @@ -0,0 +1,4 @@ +--- +users: + - { name: yujunz, comment: "Yujun Zhang " } + - { name: taseer, comment: "Taseer Ahmed " } diff --git a/supporting/servers/roles/ssh/files/taseer.authorized_keys b/supporting/servers/roles/ssh/files/taseer.authorized_keys new file mode 100644 index 00000000..2efb95e8 --- /dev/null +++ b/supporting/servers/roles/ssh/files/taseer.authorized_keys @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCxCG9Z+8rBLQiJ9yt+RzRkAZZQIlou83e899Kkuf/UgXd+1TUgIu4AJUDvayrorTxk2kw7ra+DoysEa2NBkLL6FNnG+NpYV+XTaG+Z3tvp4l62ROV+5+O4soiWtBroRghQPDkrpiTQuFJ7/BKQt9bKZYPb3t2bxCLeFVWtUzCpFDIj6wDPGwDeTLnLMPtQNQtIlgPV+XGAet17rNSrm7EcDzqdDQcdZFmfeH5YvBsY9ZO+qwcbelEpMBWPsyEMU6OgwTqUj7mm3o+Quew35y13Zrhf+GAx5ZMXho/Cpjp1TzognDkwAFpFzZG7zWSNexXrD15Wzgyae2cl/vD75I7 taseer@123.org \ No newline at end of file diff --git a/supporting/servers/roles/ssh/files/yujunz.authorized_keys b/supporting/servers/roles/ssh/files/yujunz.authorized_keys new file mode 100644 index 00000000..168979c3 --- /dev/null +++ b/supporting/servers/roles/ssh/files/yujunz.authorized_keys @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0o+WARhbI5DeZK9eiZKVprY3oQ910npo/EPFI9prfpN7zeF0UA4TwT9rqsrwFgRQeJkKvbDTOPt5Ox9vLIEnxT4PdirvrYNxtyJHHfbL4ZxKemYhBi2BA6CAbI3f9CR+dtbfOBxtTpXAj1Y5oA9y59o1hqHpuVmM8dBpcQt/ELdYCHZ0khxft5WaSOURsslTZN18bikVX9WHlKflVyRA8efxqzTZ4w5ufHl1Fv9i/G0u7iGbUtvlI8X7+Z+ePuysZhHKErQSGfv2NybDi+r8xM5hL2LYXxjAu0PV58olUl1SX40OY9yA2Yx+PVzIGhv6EQ8snUFnsoMy0ZIbQ+ysB yujunz@silver.mbp diff --git a/supporting/servers/roles/ssh/tasks/main.yml b/supporting/servers/roles/ssh/tasks/main.yml new file mode 100644 index 00000000..7de1e208 --- /dev/null +++ b/supporting/servers/roles/ssh/tasks/main.yml @@ -0,0 +1,26 @@ +- name: add users for ssh access + become: true + user: + name: "{{ item.name }}" + comment: "{{ item.comment }}" + groups: "qtip" + append: yes + with_items: "{{ users }}" +- name: create .ssh directory + become: true + file: + path: "/home/{{ item.name }}/.ssh" + state: directory + owner: "{{ item.name }}" + group: "{{ item.name }}" + mode: 0700 + with_items: "{{ users }}" +- name: authorize public key + become: true + copy: + src: "{{ item.name }}.authorized_keys" + dest: "/home/{{ item.name }}/.ssh/authorized_keys" + owner: "{{ item.name }}" + group: "{{ item.name }}" + mode: 0600 + with_items: "{{ users }}" \ No newline at end of file diff --git a/supporting/servers/ssh.yml b/supporting/servers/ssh.yml new file mode 100644 index 00000000..bd74ab3b --- /dev/null +++ b/supporting/servers/ssh.yml @@ -0,0 +1,4 @@ +--- +- hosts: elk-servers + roles: + - ssh -- cgit 1.2.3-korg