ansible-experiments/add-users-groups-authorized_keys-dot-files/roles/ssh-config/tasks/main.yml

---
- name: Check if user has ~/.ssh/config | Debian/Ubuntu systems.
  stat:
    path: "/home/{{ item.name }}/.ssh/config"
  with_items: "{{ users }}"
  register: sshconfig
  when: item.name != 'ec2-user' and ansible_os_family == 'Debian'

- name: debug
  debug: "{{ item.item.name }}"
  with_items:
    - "{{ sshconfig.results }}"

- name: Create ~/.ssh/config when absent
  file:
    path: "/home/{{ item.item.name }}/.ssh/config"
    owner: "{{ item.item.name }}"
    group: "{{ item.item.name }}"
    mode: 0600
    state: touch
  when: item.stat is defined and  item.stat.exists == False and item.item.state == "present"
  with_items:
    - "{{ sshconfig.results }}"
    #no_log: True


- name: CHECK VARS
  debug:
    msg: "{{ item.1 }}"
  with_subelements:
    - "{{ users }}"
    - ssh_config
    - skip_missing: true
  when: item.0.state == "present"

- name: Configure ~/.ssh/config
  blockinfile:
    #path: "/home/{{ item.0.name  }}/.ssh/config"
    path: "/home/{{ item.name  }}/.ssh/config"
    #owner: "{{ item.0.name }}"
    owner: "{{ item.name }}"
    #group: "{{ item.0.name }}"
    group: "{{ item.name }}"
    mode: 0600
    marker: "# {mark} ANSIBLE MANAGED BLOCK"
    content: |
      {% for host in groups['all'] -%} 
      Host {{ hostvars[host]['ansible_hostname'] }}
          Hostname {{ hostvars[host]['inventory_hostname'] }}
          RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
          RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
      {% for item in item.ssh_config %}
          {{ item.line }}
      {% endfor %}
      {% endfor %}
  with_items:
    - "{{ users }}"
    - skip_missing: true
  when: item.ssh_config is defined and item.state == "present" and item.name != 'ec2-user' and ansible_os_family == 'Debian'
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00			`---`
don't create users depending on OS 2018-10-02 17:38:23 +00:00			`- name: Check if user has ~/.ssh/config \| Debian/Ubuntu systems.`
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00			`stat:`
			`path: "/home/{{ item.name }}/.ssh/config"`
			`with_items: "{{ users }}"`
			`register: sshconfig`
fixing incorrect username https://github.com/stationgroup/ansible-experiments/issues/13#issue-361852126 2018-10-09 00:31:22 +00:00			`when: item.name != 'ec2-user' and ansible_os_family == 'Debian'`
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00
don't create users depending on OS 2018-10-02 17:38:23 +00:00			`- name: debug`
			`debug: "{{ item.item.name }}"`
			`with_items:`
			`- "{{ sshconfig.results }}"`
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00
			`- name: Create ~/.ssh/config when absent`
			`file:`
			`path: "/home/{{ item.item.name }}/.ssh/config"`
			`owner: "{{ item.item.name }}"`
			`group: "{{ item.item.name }}"`
			`mode: 0600`
			`state: touch`
don't create users depending on OS 2018-10-02 17:38:23 +00:00			`when: item.stat is defined and item.stat.exists == False and item.item.state == "present"`
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00			`with_items:`
			`- "{{ sshconfig.results }}"`
don't create users depending on OS 2018-10-02 17:38:23 +00:00			`#no_log: True`
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00

Fix #11 2018-09-13 05:50:32 +00:00			`- name: CHECK VARS`
			`debug:`
			`msg: "{{ item.1 }}"`
			`with_subelements:`
			`- "{{ users }}"`
			`- ssh_config`
			`- skip_missing: true`
			`when: item.0.state == "present"`

ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00			`- name: Configure ~/.ssh/config`
			`blockinfile:`
Fix #11 2018-09-13 05:50:32 +00:00			`#path: "/home/{{ item.0.name }}/.ssh/config"`
			`path: "/home/{{ item.name }}/.ssh/config"`
			`#owner: "{{ item.0.name }}"`
			`owner: "{{ item.name }}"`
			`#group: "{{ item.0.name }}"`
			`group: "{{ item.name }}"`
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00			`mode: 0600`
			`marker: "# {mark} ANSIBLE MANAGED BLOCK"`
			`content: \|`
			`{% for host in groups['all'] -%}`
Fix #11 2018-09-13 05:50:32 +00:00			`Host {{ hostvars[host]['ansible_hostname'] }}`
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00			`Hostname {{ hostvars[host]['inventory_hostname'] }}`
Fix #11 2018-09-13 05:50:32 +00:00			`RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent`
			`RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh`
			`{% for item in item.ssh_config %}`
			`{{ item.line }}`
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00			`{% endfor %}`
			`{% endfor %}`
Fix #11 2018-09-13 05:50:32 +00:00			`with_items:`
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00			`- "{{ users }}"`
			`- skip_missing: true`
fixing incorrect username https://github.com/stationgroup/ansible-experiments/issues/13#issue-361852126 2018-10-09 00:31:22 +00:00			`when: item.ssh_config is defined and item.state == "present" and item.name != 'ec2-user' and ansible_os_family == 'Debian'`
don't create users depending on OS 2018-10-02 17:38:23 +00:00
Fix #11 2018-09-13 05:50:32 +00:00