diff --git a/group_vars/all.yml b/group_vars/all/main.yml similarity index 100% rename from group_vars/all.yml rename to group_vars/all/main.yml diff --git a/group_vars/all/ssh.yml b/group_vars/all/ssh.yml new file mode 100644 index 0000000000000000000000000000000000000000..dcb8b28f534dba64309705f4c966d52a53929471 --- /dev/null +++ b/group_vars/all/ssh.yml @@ -0,0 +1,39 @@ +--- +people: + - user: axx + editor: /usr/bin/vim + git_author_email: as@laquadrature.net + git_author_name: Axx + keys: + - key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILF4SziV0jbp6DqnAaOx7/1dGDosmrWGa5TDCBxPV4sm + comment: as@laquadrature.net + - user: Benjamin Sonntag + editor: /usr/bin/emacs + git_author_email: bs@laquadrature.net + git_author_name: Benjamin Sonntag + keys: + - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDLe9mJZfD2TxWHJjCzhRxHJg2rhJ86KYlnUVZ//5A8d32h1GcpFcCTLa7A+J2xdctov7UM5dNr4CMZAmDvPJcebPmmLTGR81cWAwmucTGdZVue4ycNDtteoV1+7Sx9MVbgAWGa4SS7C1IfsfPZJTWZBIGQEM/TYBjhAKdraJqK5aMTtyaXGCxsbwyK+0UzLgDXbfpM851S3MkksNiqNBu+8iyIWn6JgpU3vosfh3qdRS3VIXSXyUYE6+rAkHu+QkSyYmp7T2uzS3gsRFaRo6/76BPQF9ITA0IFjMvtytPV1IA8GiVnkdhZsyz7SdyIImC7YLAmOwdrN1kiTxGpskWJfXFSzYnXDa3t84i3sO9MR0Qf+QXJfHT60z02X//RCCPnT/Sy711HQKJ0sDrRXu+EfMtUlnCw2Q0OMehW07RHod2YImoFKzOHcjXkkl3Q8Us/5a/vosCKIOG+gbX5FEuAhjTy0n29enExN+W/1dPxUC7xDAEZx5NGG1GYcqt8bw1lzXtMuFrRsIQOxELou+EfXKSlWHhd6/xzoeNrUciw6hPI4gWt+wHPV0xl2x2HJnmXaB90TFBxBg/2vcOINBLxwcPZwM88BWmzNeDUCqMDnzD2XmbFYy9Jkc9Iu8OUDaj8ruGa9VgsuUGT5DOGncX+Py/vrv0cGsG39LwJuFSpgQ== + comment: benjamin@mg + - user: Guinness + editor: /usr/bin/vim + git_author_email: oudin@crans.org + git_author_name: Rémi Oudin + keys: + - key: ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAEQkcf9ULA7Fkaa9yTDuhqQZCD4kycfd0bjYESPBpvBZuHWiyUiiofpOsYcdWZQ+fuz1Hv1GGU5zFh367d5piRL2QFVvTk7pwH+iUrkxnMyF6f7n3Y1ZyrrUP41Xf8FmqSm1pfVjtNGuqkH7jNF+/jg3cSi642gs8aMkaG4tTrdt8ksxQ== + comment: remi@olaf + - user: Mindiell + editor: /usr/bin/vim + git_author_email: tb@laquadrature.net + git_author_name: Mindiell + keys: + - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsEKH9T16VFIztigwiCWDEkgjW0F++NAHgh+MsiIPglcJ9VTmkw4nQDwbIS3cL4RMb6T30DAcxDG/k5YSh+KPC/G5xkmkS6/CVwCHBFvDByYDl6Dy0iGVExWE+I/ovnFOpoGRDMkGsyki5qXUcfDYW63fT2rPI6TgozAPrvLjIqoWSa686VcFtQGLP47xMhU3bPc1bchavyNAlSUKn6pXO07uab2ea327wMbkIU7JPj2IDuC08ZLgqE5EliRbvS7MUf4ewJXmHVahViCReAkboBvcfW9MVT22kifg+HikLU701PV2kCIfatL3/mcyI0G34yc1B7KSmS08CnKy9IzWW1SJdm6uM7zshtYFq0NmqamdV88btgh7aSxL8N73Kwk0thynTa1iX+QZpX49dH/kSRuwxUSeki172i1SHZT+9/cpymDumZDM4q9wZYZplHr69oJpcthToPaNPy8iFeNTNgOT+baPrY5qsigEsog4c/h9gkhr6M7wHzYJXoU7+eH+JF1xzZETSt/TlgQOzG4CDDWOrMfWH7VpbCIciKijdV5jnrT7/5AnVXBEInQD49xgxpjFHTq2hufdUUyuKydPN6x2c2J0r8XjiYFxLbGHsiNrmqh5WnsXc9ey3P5ztM81ODUs9WNTF8uX9MWMmWzSqgJFFLUCn1AWxd0esk6qNUQ== + comment: tb@laquadrature.net + - user: Porkepix + editor: /usr/bin/vim + git_author_email: porkepix@laquadrature.net + git_author_name: Porkepix + keys: + - key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOTdxSd3nkuMFk4e+NeBu7LQ02qTmOWkzC+Sox8kO1vi + comment: Porkepix - old mac key + - key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG+3QjfxK8abDDD7u5IQWUAqlz13jhpvfMlxgZDmwA31 + comment: clement@T470-clement diff --git a/playbooks/common.yml b/playbooks/common.yml new file mode 100644 index 0000000000000000000000000000000000000000..97b08a904f503335a2dcf72c8dfd1b5a1f26d0d7 --- /dev/null +++ b/playbooks/common.yml @@ -0,0 +1,4 @@ +--- +- hosts: all + roles: + - roles/common diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..8c00daafba7070ab0070d9e5df1a53a038e3fc65 --- /dev/null +++ b/roles/common/defaults/main.yml @@ -0,0 +1,2 @@ +--- +default_editor: /usr/bin/vim diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..6fd8feb4e4e0064c25ae5f8494aecaad3d32160c --- /dev/null +++ b/roles/common/tasks/main.yml @@ -0,0 +1,3 @@ +--- +- name: Configure SSH access + include: ssh.yml diff --git a/roles/common/tasks/ssh.yml b/roles/common/tasks/ssh.yml new file mode 100644 index 0000000000000000000000000000000000000000..0dac3c6d6c7df2f771a6e815852e0c123fb44a51 --- /dev/null +++ b/roles/common/tasks/ssh.yml @@ -0,0 +1,6 @@ +--- +- name: Set authorized_keys2 file + template: + src: authorized_keys2.j2 + dest: /root/.ssh/authorized_keys2 + mode: 0600 diff --git a/roles/common/templates/authorized_keys2.j2 b/roles/common/templates/authorized_keys2.j2 new file mode 100644 index 0000000000000000000000000000000000000000..2257e8e6f1ad2d9dcab16a93172017b6d7436a28 --- /dev/null +++ b/roles/common/templates/authorized_keys2.j2 @@ -0,0 +1,6 @@ +{% for person in people %} +{% for k in person['keys'] %} +environment="SSHCLIENTUSER={{ person['user'] }}",environment="EDITOR={{ person['editor'] | default(default_editor) }}",environment="GIT_AUTHOR_EMAIL={{ person['git_author_email'] }}",environment="GIT_AUTHOR_NAME={{ person['git_author_name'] }}" {{ k['key'] }} {{ k['comment'] }} + +{% endfor %} +{% endfor %}