ansible-experiments/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml


---
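# Record, for every entry in `users`, whether ~/.ssh/config already exists.
# Later tasks read the per-item `stat` from `sshconfig.results`.
#
# Kept as ONE task on purpose: a skipped task still registers its variable, so
# two OS-specific tasks that both `register: sshconfig` leave only the second
# task's skipped, stat-less results on hosts where the first one ran. The
# follow-up task that creates the 0600 file would then never fire there.
- name: Check if user has ~/.ssh/config | Debian/Ubuntu and FreeBSD systems.
  stat:
    path: "/home/{{ item.name }}/.ssh/config"
  with_items: "{{ users }}"
  register: sshconfig
  # Debian-family hosts skip the 'ec2-user' entry; FreeBSD hosts skip 'ubuntu'.
  # Every other OS family skips all entries.
  when: >-
    (ansible_os_family == 'Debian' and item.name != 'ec2-user') or
    (ansible_os_family == 'FreeBSD' and item.name != 'ubuntu')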
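# Debug aid: print the user name behind every result registered in
# `sshconfig`. The debug module takes its text through `msg` (or a variable
# name through `var`); it has no free-form argument.
- name: debug
  debug:
    msg: "{{ item.item.name }}"
  with_items: "{{ sshconfig.results }}"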
# Create an empty, owner-only (0600) ~/.ssh/config for each user marked
# "present" whose stat result reports the file as missing. Results that carry
# no `stat` key (items the stat task skipped) are left alone.
- name: Create ~/.ssh/config when absent
  # Keep the per-item results out of the task output.
  no_log: true
  with_items: "{{ sshconfig.results }}"
  # List entries are ANDed and evaluated in order, so `item.stat.exists` is
  # only read once `item.stat` is known to be defined.
  when:
    - item.stat is defined
    - not item.stat.exists
    - item.item.state == "present"
  file:
    state: touch
    path: "/home/{{ item.item.name }}/.ssh/config"
    owner: "{{ item.item.name }}"
    group: "{{ item.item.name }}"
    # Quoted so the mode is passed as the string "0600" instead of relying on
    # the YAML parser reading a leading-zero integer as octal.
    mode: "0600"
# Debug aid: print every `ssh_config` entry of each user marked "present".
# item.0 is the user, item.1 is one element of that user's `ssh_config` list.
- name: CHECK VARS
  when: item.0.state == "present"
  with_subelements:
    - "{{ users }}"
    - ssh_config
    # Users that have no `ssh_config` key are skipped instead of failing.
    - skip_missing: true
  debug:
    msg: "{{ item.1 }}"
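# Maintain an Ansible-managed block in ~/.ssh/config for each user marked
# "present" that defines `ssh_config`, on Debian-family hosts (the 'ec2-user'
# entry is skipped). For every host in the inventory the block holds a Host
# stanza that forwards the gpg-agent sockets and then appends the user's own
# `ssh_config` lines.
#
# NOTE(review): the local side of the first RemoteForward is the agent's main
# socket (S.gpg-agent). While a session is open, root on the remote host can
# use whatever that socket offers. GnuPG provides the restricted
# S.gpg-agent.extra socket for forwarding - confirm which one is intended, and
# whether every host in groups['all'] really needs the forward.
# NOTE(review): `$HOME` is written into the file literally; verify that the
# deployed OpenSSH expands it inside RemoteForward paths.
- name: Configure ~/.ssh/config
  blockinfile:
    path: "/home/{{ item.name }}/.ssh/config"
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
    # Quoted so the mode is passed as the string "0600" instead of relying on
    # the YAML parser reading a leading-zero integer as octal.
    mode: "0600"
    marker: "# {mark} ANSIBLE MANAGED BLOCK"
    # The inner loop variable is named `entry` so it does not shadow the
    # task's own `item` (the user) inside the template.
    content: |
      {% for host in groups['all'] -%}
      Host {{ hostvars[host]['ansible_hostname'] }}
      Hostname {{ hostvars[host]['inventory_hostname'] }}
      RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
      RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
      {% for entry in item.ssh_config %}
      {{ entry.line }}
      {% endfor %}
      {% endfor %}
  # `skip_missing` is a with_subelements option; listed under with_items it is
  # looped over as one more item. Users without `ssh_config` are filtered by
  # the first `when` condition instead.
  with_items: "{{ users }}"
  when:
    - item.ssh_config is defined
    - item.state == "present"
    - item.name != 'ec2-user'
    - ansible_os_family == 'Debian'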
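# Maintain an Ansible-managed block in ~/.ssh/config for each user marked
# "present" that defines `ssh_config`, on FreeBSD hosts (the 'ubuntu' entry is
# skipped). For every host in the inventory the block holds a Host stanza that
# forwards the gpg-agent sockets and then appends the user's own `ssh_config`
# lines.
#
# NOTE(review): the local side of the first RemoteForward is the agent's main
# socket (S.gpg-agent). While a session is open, root on the remote host can
# use whatever that socket offers. GnuPG provides the restricted
# S.gpg-agent.extra socket for forwarding - confirm which one is intended, and
# whether every host in groups['all'] really needs the forward.
# NOTE(review): `$HOME` is written into the file literally; verify that the
# deployed OpenSSH expands it inside RemoteForward paths.
- name: Configure ~/.ssh/config FreeBSD
  blockinfile:
    path: "/home/{{ item.name }}/.ssh/config"
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
    # Quoted so the mode is passed as the string "0600" instead of relying on
    # the YAML parser reading a leading-zero integer as octal.
    mode: "0600"
    marker: "# {mark} ANSIBLE MANAGED BLOCK"
    # The inner loop variable is named `entry` so it does not shadow the
    # task's own `item` (the user) inside the template.
    content: |
      {% for host in groups['all'] -%}
      Host {{ hostvars[host]['ansible_hostname'] }}
      Hostname {{ hostvars[host]['inventory_hostname'] }}
      RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
      RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
      {% for entry in item.ssh_config %}
      {{ entry.line }}
      {% endfor %}
      {% endfor %}
  # `skip_missing` is a with_subelements option; listed under with_items it is
  # looped over as one more item. Users without `ssh_config` are filtered by
  # the first `when` condition instead.
  with_items: "{{ users }}"
  when:
    - item.ssh_config is defined
    - item.state == "present"
    - item.name != 'ubuntu'
    - ansible_os_family == 'FreeBSD'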