This repository has been archived on 2024-05-02. You can view files and clone it, but cannot push or open issues or pull requests.
omni-ansible/playbooks/deploy-sshkeys.yml

33 lines
882 B
YAML
Raw Normal View History

---
- hosts: all
name: Update ssh keys on all devices
tasks:
- import_tasks: tasks/users-preprocessing.yml
- name: Install public keys
tags: users_keys
become: true
block:
- name: Ensure SSH directory exists
file:
state: directory
path: /home/{{ item.name }}/.ssh
loop: "{{ local_users | difference([None]) }}"
- name: Put keys on remote
when: item.keys != []
authorized_key:
user: "{{ item.name }}"
key: "{{ item.sshkeys | join('\n') }}"
state: present
exclusive: yes
loop: "{{ local_users | difference([None]) }}"
- hosts: all
name: Disable SSH password authentication
tags:
- always
tasks:
- import_tasks: tasks/sshd/disable-password-auth.yml
when: enable_ssh_password_auth|bool == false