lafrite/Ansible_workstation
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Feat: add public key to ssh to user

Browse Source
This commit is contained in:
Bertrand Benjamin 2022-01-11 22:20:52 +01:00
parent eadfdd97ce
commit c61e3a7826
4 changed files with 25 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
roles/user/files/id_encrypt_fool.pub Normal file
View File

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdDO8452/DpTR8taSKa/i+rgAvrYP9Fv9hYLMuphHQ+ user1@fool

3
roles/user/molecule/default/converge.yml
View File

@ -7,6 +7,7 @@
- username: user - username: user
password: "$y$j9T$PR8GfM2MjGudOCd7hF9NP1$/qRGtuNuWaRVVGmB1A4rgtaT0MMB9IoB4fnaxW1kvf4" #plop password: "$y$j9T$PR8GfM2MjGudOCd7hF9NP1$/qRGtuNuWaRVVGmB1A4rgtaT0MMB9IoB4fnaxW1kvf4" #plop
shell: "/bin/zsh" shell: "/bin/zsh"
public_key:
config: config:
giturl: "https://git.opytex.org/lafrite/dotfiles.git" giturl: "https://git.opytex.org/lafrite/dotfiles.git"
stowing: ["nvim", "tmux", "zsh"] stowing: ["nvim", "tmux", "zsh"]
@ -14,6 +15,8 @@
password: "$y$j9T$PR8GfM2MjGudOCd7hF9NP1$/qRGtuNuWaRVVGmB1A4rgtaT0MMB9IoB4fnaxW1kvf4" #plop password: "$y$j9T$PR8GfM2MjGudOCd7hF9NP1$/qRGtuNuWaRVVGmB1A4rgtaT0MMB9IoB4fnaxW1kvf4" #plop
groups: ["wheel"] groups: ["wheel"]
system: yes system: yes
public_key:
- keyfile: id_encrypt_fool.pub
config: config:
giturl: "https://git.opytex.org/lafrite/dotfiles.git" giturl: "https://git.opytex.org/lafrite/dotfiles.git"
stowing: ["tmux"] stowing: ["tmux"]

12
roles/user/molecule/default/tests/test_default.py
View File

@ -16,8 +16,16 @@ def test_create_users(host):
assert admin.shell == "/bin/bash" assert admin.shell == "/bin/bash"
assert admin.home == f"/home/{admin.name}" assert admin.home == f"/home/{admin.name}"
def test_install_git_stow(host): def test_ssh_key(host):
pass user = host.user("user")
sshdir = host.file(user.home + "/.ssh")
assert not sshdir.exists
admin = host.user("admin")
sshdir = host.file(admin.home + "/.ssh")
assert sshdir.exists
autho = host.file(admin.home + "/.ssh/authorized_keys")
assert autho.contains("user1@fool")
def test_clone_dotfiles(host): def test_clone_dotfiles(host):
user = host.user("user") user = host.user("user")

14
roles/user/tasks/main.yml
View File

@ -1,5 +1,6 @@
--- ---
# tasks file for user # tasks file for user
# Create user
- name: users -- Ensure wheel group exists - name: users -- Ensure wheel group exists
group: group:
name: wheel name: wheel
@ -16,6 +17,16 @@
state: present state: present
system: "{{ user.system | default('no') }}" system: "{{ user.system | default('no') }}"
#
- name: ssh -- Add public key
authorized_key:
user: "{{ user.username }}"
key: "{{ lookup('file', item.keyfile) }}"
state: present
with_items: "{{ user.public_key }}"
when: user.public_key
# Dotfiles
- name: Install for arch - name: Install for arch
import_tasks: arch.yml import_tasks: arch.yml
when: ansible_os_family == "Archlinux" when: ansible_os_family == "Archlinux"
@ -28,18 +39,15 @@
ansible.builtin.git: ansible.builtin.git:
repo: "{{ user.config.giturl }}" repo: "{{ user.config.giturl }}"
dest: "/home/{{ user.username }}/.dotfiles" dest: "/home/{{ user.username }}/.dotfiles"
become: yes
- name: user owns its dotfiles - name: user owns its dotfiles
ansible.builtin.file: ansible.builtin.file:
path: "/home/{{ user.username }}/.dotfiles" path: "/home/{{ user.username }}/.dotfiles"
owner: "{{ user.username }}" owner: "{{ user.username }}"
become: yes
- name: stow configs - name: stow configs
ansible.builtin.command: ansible.builtin.command:
cmd: stow {{ item }} cmd: stow {{ item }}
chdir: "/home/{{ user.username }}/.dotfiles" chdir: "/home/{{ user.username }}/.dotfiles"
with_items: "{{ user.config.stowing }}" with_items: "{{ user.config.stowing }}"
become: yes