How can I process an array of private keys during user creation

Bob Brown

Feb 14, 2015, 1:46:47 PM
to ansible...@googlegroups.com
What I have set up so far is working well.

My playbook is:

---
- hosts: bastion_hosts
  vars_files:
  - data/users.yml
  gather_facts: no
  sudo: True
  name: Add/Delete/Update InPowered Users onto an instance. Usually BounceBox
  tasks:
    - name: Add Users to the remote system
      user: name={{ item.key }}
            shell={{ item.value.shell }}
            state={{ item.value.state }}
            uid={{ item.value.uid }}
            home={{ item.value.home }}
            comment="{{ item.value.comment }}"
      with_dict: users

    - name: Pushing authorized key to remote server
      authorized_key: user={{ item.key }} key="{{ item.value.ssh_pubkey }}"
      with_dict: users

    - name: Add wheel Group to sudo users
      user: name={{ item.key }}
            groups=wheel
      when: item.value.setsudo
      with_dict: users

    - name: Copy Private Keys to each user
      debug: var=item.value.authkeys
      with_dict: users


The authkeys variable contains a list of private key names: "qa, prd, dev"

For each user, I want to copy each of the listed private key files into the .ssh directory. Something like:

      copy:  src=/keypath/{{ first item in item.value.authkeys }}.pem dest=/home/{{ item.keys }}/.ssh/{{ first item in item.value.authkeys }}.pem mode=0600

But I'm not clear on how to grab the elements out of the authkeys to copy down each file. (Further, I'm thinking I should be using vault, but... one step at a time now)

My users.yml file looks like this:


---
  users:
    bob.brown:
      state: present
      uid: 1027
      comment: "Bob Brown"
      home: /home/bob.brown
      ssh_pubkey: "ssh-rsa AAAAB3NzaC1yc2E..."
      authkeys: "dev,qa,prd,ops"
      shell: /bin/sh
      setsudo: yes

    colin.johnson:
      state: present
      uid: 1041
      comment: "Colin Johnson"
      home: /home/colin.johnson
      ssh_pubkey: "ssh-rsa AAAAB3NzaC1..."
      authkeys: "dev,qa,prd"
      shell: /bin/sh
      setsudo: no

Thanks to anyone who can help.

Bob
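
Added example, not part of the original post and not Ansible's own code: one way to turn each user's comma-separated authkeys into one copy job per key is a custom filter plugin. The file location filter_plugins/user_keys.py, the filter name user_key_pairs and the restriction on key-name characters are assumptions made here; /keypath and the .pem naming follow the post.

```python
import re

# Key names become file names, so accept only a conservative character set
# (assumption: names such as dev, qa, prd, ops).
_KEY_NAME = re.compile(r"\A[A-Za-z0-9_-]+\Z")


def user_key_pairs(users, keypath="/keypath"):
    """Flatten the users dict into one copy job per (user, key name)."""
    jobs = []
    for name, attrs in sorted(users.items()):
        if attrs.get("state", "present") != "present":
            continue  # no keys for accounts that are being removed
        raw = attrs.get("authkeys", "")
        # Accept both the post's "dev,qa,prd" string and a YAML list.
        names = raw.split(",") if isinstance(raw, str) else list(raw)
        for key in (n.strip() for n in names):
            if not key:
                continue
            if not _KEY_NAME.match(key):
                raise ValueError("bad key name %r for user %s" % (key, name))
            jobs.append({
                "user": name,
                "src": "%s/%s.pem" % (keypath, key),
                "dest": "%s/.ssh/%s.pem" % (attrs["home"], key),
            })
    return jobs


class FilterModule(object):
    """Ansible filter plugin entry point."""

    def filters(self):
        return {"user_key_pairs": user_key_pairs}


# Constructed sample mirroring the users.yml layout in the post.
SAMPLE_USERS = {
    "bob.brown": {"state": "present", "home": "/home/bob.brown",
                  "authkeys": "dev,qa,prd,ops"},
    "colin.johnson": {"state": "present", "home": "/home/colin.johnson",
                      "authkeys": "dev,qa,prd"},
}

if __name__ == "__main__":
    for job in user_key_pairs(SAMPLE_USERS):
        print(job)
```

With the file in filter_plugins/ beside the playbook, the copy task can loop with `with_items: "{{ users | user_key_pairs }}"` and use `src={{ item.src }} dest={{ item.dest }} owner={{ item.user }} mode=0600`.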
