Adding option for secondary user to receive public keys

2022-08-23 13:01:26 -06:00 · 2022-08-23 13:01:26 -06:00 · c1656f82ec
commit c1656f82ec
parent 1cfe858e74
3 changed files with 15 additions and 0 deletions
--- a/roles/base/defaults/main.yml
+++ b/roles/base/defaults/main.yml
@ -53,6 +53,9 @@ base_core_root_ca_url: ""
 # SSH
 # ===

+# Added the public keys to an additional user if defined
+base_core_ssh_public_keys_user: ""
+
 # Allow ssh root login
 base_core_ssh_permit_root_login: false

--- a/roles/base/tasks/core_ssh.yml
+++ b/roles/base/tasks/core_ssh.yml
@ -28,6 +28,17 @@
  tags:
  - authorized_key

+- name: Setup authorized keys for secondary user
+  authorized_key:
+    user: "{{ base_core_ssh_public_keys_user }}"
+    state: present
+    key: '{{ lookup("file", item) }}'
+  with_fileglob:
+    - "public_keys/*"
+  when: base_core_ssh_public_keys_user != ""
+  tags:
+  - authorized_key
+
 - name: Configure SSH root login
  lineinfile:
    path: /etc/ssh/sshd_config