Add ssh role

author: Dmitry Ilvokhin <d@ilvokhin.com> 2024-03-08 21:26:47 +0000
committer: Dmitry Ilvokhin <d@ilvokhin.com> 2024-03-08 21:26:47 +0000
commit: b8d90587492becebbc8828a79deee1edb0792083 (patch)
tree: 1c5e9d5c5342de586cdded523c4855726b15ccaf /roles
parent: 55fe803f1795061d1397c76a793cc2f1986b4774 (diff)
download: infra-b8d90587492becebbc8828a79deee1edb0792083.tar.gz
infra-b8d90587492becebbc8828a79deee1edb0792083.tar.bz2
infra-b8d90587492becebbc8828a79deee1edb0792083.zip
4 files changed, 36 insertions, 16 deletions
diff --git a/roles/ssh/defaults/main.yml b/roles/ssh/defaults/main.yml
new file mode 100644
index 0000000..7ea2a66
--- /dev/null
+++ b/roles/ssh/defaults/main.yml
@@ -0,0 +1 @@
+jumphost: false
diff --git a/roles/ssh/meta/main.yml b/roles/ssh/meta/main.yml
new file mode 100644
index 0000000..4aa0127
--- /dev/null
+++ b/roles/ssh/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+  - role: users
diff --git a/roles/ssh/tasks/main.yml b/roles/ssh/tasks/main.yml
new file mode 100644
index 0000000..92d4efd
--- /dev/null
+++ b/roles/ssh/tasks/main.yml
@@ -0,0 +1,33 @@
+- name: Setup SSH directory for Dmitry Ilvokhin
+  ansible.builtin.file:
+    path: /home/d/.ssh
+    state: directory
+    owner: d
+    group: d
+    mode: u+rw,g-wx,o-rwx
+
+- name: Update authorized_keys for Dmitry Ilvokhin
+  ansible.posix.authorized_key:
+    user: d
+    state: present
+    key: '{{ item }}'
+  with_file:
+    - misc/pubkeys/d.pub
+
+- name: Configure ssh for Dmitry Ilvokhin
+  ansible.builtin.template:
+    src: misc/dotfiles/ssh/config.j2
+    dest: "~{{ user }}/.ssh/config"
+    owner: "{{ user }}"
+    mode: u+rw,g-rw,o-rw
+  when:
+    - jumphost
+
+- name: Add ssh rc for Dmitry Ilvokhin
+  ansible.builtin.copy:
+    src: misc/dotfiles/ssh/rc
+    dest: "~{{ user }}/.ssh/rc"
+    owner: "{{ user }}"
+    mode: u+rwx,g-rw,o-rw
+  when:
+    - jumphost
diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml
index 864934a..f3df2df 100644
--- a/roles/users/tasks/main.yml
+++ b/roles/users/tasks/main.yml
@@ -14,19 +14,3 @@
       # Group http required to deploy websites with rsync under personal
       # username.
       - http
-
-- name: Setup SSH directory for Dmitry Ilvokhin
-  ansible.builtin.file:
-    path: /home/d/.ssh
-    state: directory
-    owner: d
-    group: d
-    mode: u+rw,g-wx,o-rwx
-
-- name: Update authorized_keys for Dmitry Ilvokhin
-  ansible.posix.authorized_key:
-    user: d
-    state: present
-    key: '{{ item }}'
-  with_file:
-    - misc/pubkeys/d.pub
author	Dmitry Ilvokhin <d@ilvokhin.com>	2024-03-08 21:26:47 +0000
committer	Dmitry Ilvokhin <d@ilvokhin.com>	2024-03-08 21:26:47 +0000
commit	b8d90587492becebbc8828a79deee1edb0792083 (patch)
tree	1c5e9d5c5342de586cdded523c4855726b15ccaf /roles
parent	55fe803f1795061d1397c76a793cc2f1986b4774 (diff)
download	infra-b8d90587492becebbc8828a79deee1edb0792083.tar.gz infra-b8d90587492becebbc8828a79deee1edb0792083.tar.bz2 infra-b8d90587492becebbc8828a79deee1edb0792083.zip