jakub/ansible
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7c4533c95f16e7cfca45fcc7e6e89181f36ae82a
ansible/users-ssh.yml
jakub 7c4533c95f Add users-ssh.yml
2025-09-11 15:59:16 +00:00

37 lines
1.2 KiB
YAML
Raw Blame History

- name: Ensure users exist and have SSH keys
hosts: all
become: true
vars:
users:
- name: automation
shell: /bin/bash
groups: [sudo] # optional
password_lock: true # optional: no local password login
keys:
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEx+ltCKNIEM7F4PzGLv22cIu7N0Fpn5gxwV02xq0GS9 automation@im.cz"
# add more users like:
# - name: deploy
# keys:
# - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ... deploy@example"
tasks:
- name: Ensure user exists (creates home if missing)
ansible.builtin.user:
name: "{{ item.name }}"
shell: "{{ item.shell | default('/bin/bash') }}"
groups: "{{ (item.groups | default([])) | join(',') if (item.groups | default([])) else omit }}"
append: true
create_home: true
password_lock: "{{ item.password_lock | default(omit) }}"
state: present
loop: "{{ users }}"
- name: Install authorized SSH keys
ansible.builtin.authorized_key:
user: "{{ item.0.name }}"
key: "{{ item.1 }}"
state: present
manage_dir: true # ensures ~/.ssh exists with correct perms
loop: "{{ users | subelements('keys', skip_missing=True) }}"
Reference in New Issue View Git Blame Copy Permalink