ansible-experiments/roles/users/tasks/ssh_config.yml

- name: Ensure .ssh folder is created
  file:
    path: "/home/{{item.name}}/.ssh"
    state: directory
    mode: 0700
    owner: "{{ item.name }}"
    group: "{{ item.name }}"
  with_items:
    - "{{ users }}"


- name: Configure authorized_keys
  authorized_key:
    user: "{{ item.0.name }}"
    key: "{{ lookup('file', 'keys/' + item.0.name + '/' + item.1.file + '.pub') }}"
    state: "{{ item.1.state | default('present') }}"
  with_subelements:
    - "{{ users }}"
    -  keys


#- name: Check if user has ~/.ssh/config
#  stat:
#    path: "/home/{{ item.name }}/.ssh/config"
#  with_items: "{{ users }}"
#  register: sshconfig
#
#
#- name: Create ~/.ssh/config when absent
#  file:
#    path: "/home/{{ item.item.name }}/.ssh/config"
#    owner: "{{ item.item.name }}"
#    group: "{{ item.item.name }}"
#    mode: 0600
#    state: touch
#  when: item.stat.exists == False
#  with_items:
#    - "{{ sshconfig.results }}"
#  no_log: True
#
#- name: Configure ~/.ssh/config
#  blockinfile:
#    path: "/home/{{ item.name  }}/.ssh/config"
#    owner: "{{ item.name }}"
#    group: "{{ item.name }}"
#    mode: 0600
#    marker: "# {mark} ANSIBLE MANAGED BLOCK"
#    content: |
#        host {{ ansible_hostname }}
#          hostname {{ ansible_hostname }}
#          User {{ item.name }}
#          RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent
#          RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh
#          ServerAliveInterval 10
#  with_items:
#    - "{{ users }}"
config users shell/ssh 2018-08-13 14:02:31 +00:00			`- name: Ensure .ssh folder is created`
			`file:`
			`path: "/home/{{item.name}}/.ssh"`
			`state: directory`
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00			`mode: 0700`
			`owner: "{{ item.name }}"`
			`group: "{{ item.name }}"`
config users shell/ssh 2018-08-13 14:02:31 +00:00			`with_items:`
			`- "{{ users }}"`


ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00			`- name: Configure authorized_keys`
			`authorized_key:`
			`user: "{{ item.0.name }}"`
			`key: "{{ lookup('file', 'keys/' + item.0.name + '/' + item.1.file + '.pub') }}"`
			`state: "{{ item.1.state \| default('present') }}"`
			`with_subelements:`
			`- "{{ users }}"`
			`- keys`


			`#- name: Check if user has ~/.ssh/config`
			`# stat:`
			`# path: "/home/{{ item.name }}/.ssh/config"`
			`# with_items: "{{ users }}"`
			`# register: sshconfig`
			`#`
			`#`
			`#- name: Create ~/.ssh/config when absent`
			`# file:`
			`# path: "/home/{{ item.item.name }}/.ssh/config"`
			`# owner: "{{ item.item.name }}"`
			`# group: "{{ item.item.name }}"`
			`# mode: 0600`
			`# state: touch`
			`# when: item.stat.exists == False`
config users shell/ssh 2018-08-13 14:02:31 +00:00			`# with_items:`
			`# - "{{ sshconfig.results }}"`
ssh-config role / docs / updated user config 2018-08-15 18:35:23 +00:00			`# no_log: True`
			`#`
			`#- name: Configure ~/.ssh/config`
			`# blockinfile:`
			`# path: "/home/{{ item.name }}/.ssh/config"`
			`# owner: "{{ item.name }}"`
			`# group: "{{ item.name }}"`
			`# mode: 0600`
			`# marker: "# {mark} ANSIBLE MANAGED BLOCK"`
			`# content: \|`
			`# host {{ ansible_hostname }}`
			`# hostname {{ ansible_hostname }}`
			`# User {{ item.name }}`
			`# RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent $HOME/.gnupg/S.gpg-agent`
			`# RemoteForward /home/{{ item.name }}/.gnupg/S.gpg-agent.ssh $HOME/.gnupg/S.gpg-agent.ssh`
			`# ServerAliveInterval 10`
			`# with_items:`
			`# - "{{ users }}"`
config users shell/ssh 2018-08-13 14:02:31 +00:00