2018-12-17 12:50:15 +00:00
|
|
|
---
|
2021-02-18 15:40:18 +00:00
|
|
|
- name: set ssh CA pub keys
|
2018-12-17 12:50:15 +00:00
|
|
|
template:
|
|
|
|
|
src: 'trusted_user_ca_keys.j2'
|
|
|
|
|
dest: '{{ ssh_trusted_user_ca_keys_file }}'
|
|
|
|
|
mode: '0644'
|
|
|
|
|
owner: '{{ ssh_owner }}'
|
|
|
|
|
group: '{{ ssh_group }}'
|
|
|
|
|
notify: restart sshd
|
|
|
|
|
|
2021-02-18 15:40:18 +00:00
|
|
|
- name: create ssh authorized principals directories
|
2018-12-17 12:50:15 +00:00
|
|
|
file:
|
|
|
|
|
path: '{{ item.path | dirname }}'
|
|
|
|
|
mode: '{{ item.directorymode | default(0700) }}'
|
|
|
|
|
owner: '{{ item.directoryowner | default(ssh_owner) }}'
|
|
|
|
|
group: '{{ item.directorygroup | default(ssh_group) }}'
|
|
|
|
|
state: directory
|
2021-02-18 15:40:18 +00:00
|
|
|
loop: '{{ ssh_authorized_principals }}'
|
2018-12-17 12:50:15 +00:00
|
|
|
|
2021-02-18 15:40:18 +00:00
|
|
|
- name: set ssh authorized principals
|
2018-12-17 12:50:15 +00:00
|
|
|
template:
|
|
|
|
|
src: 'authorized_principals.j2'
|
|
|
|
|
dest: '{{ item.path }}'
|
|
|
|
|
mode: '{{ item.filemode | default(0600) }}'
|
|
|
|
|
owner: '{{ item.owner| default(ssh_owner) }}'
|
|
|
|
|
group: '{{ item.group | default(ssh_group) }}'
|
2021-02-18 15:40:18 +00:00
|
|
|
loop: '{{ ssh_authorized_principals }}'
|
