@hostmaster
Last active August 2, 2021 20:02
Purge unmanaged keys from ~/.ssh/authorized_keys, keep only listed public keys
authorized_keys.j2:

# {{ ansible_managed }}
{% for key in pub_keys.results %}
{{ key.stdout }}
{% endfor %}

Tasks:

# -f makes curl exit non-zero on an HTTP error (e.g. 404 for an unknown user),
# so an error page is never registered as key material.
- name: Get ssh public keys from Github
  shell: curl -sf "https://github.com/{{ item }}.keys"
  with_items: "{{ github_pub_keys }}"
  register: pub_keys
  changed_when: False
  tags: keys

- name: Check curl return codes
  fail:
    msg: "The command ({{ item.cmd }}) did not have a 0 return code"
  when: item.rc != 0
  with_items: "{{ pub_keys.results }}"
  tags: keys

- name: Ensure ~/.ssh has proper permissions
  file: >
    path="/home/{{ admin_user }}/.ssh"
    mode=0700 owner="{{ admin_user }}" group="{{ admin_user }}"
    state=directory
  tags: keys

# The template replaces the whole file, which is what purges unmanaged keys.
- name: Deploy ssh public key
  template: >
    src=authorized_keys.j2
    dest="/home/{{ admin_user }}/.ssh/authorized_keys"
    mode=0600 owner="{{ admin_user }}" group="{{ admin_user }}"
  tags: keys
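
The template writes each fetched response body into authorized_keys unchanged, so anything that is not a key list (an error page, a line carrying options) would land in the file. The following is an added example, not part of the gist: a check that could run on each body before the template is rendered. The function names and the allowed-type list are assumptions, and only the type prefix of each key blob is verified.

```python
import base64
import struct

# Accepted key types: an assumption for this example, set per local policy.
ALLOWED_TYPES = {
    "ssh-ed25519", "ssh-rsa",
    "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
}

def check_key_line(line):
    """Raise ValueError unless line is 'type base64 [comment]' with a matching blob."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("not a public key line: %r" % line)
    key_type, b64 = fields[0], fields[1]
    if key_type not in ALLOWED_TYPES:
        # Also rejects lines that begin with options such as command="...".
        raise ValueError("unexpected key type: %r" % key_type)
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        raise ValueError("key data is not valid base64")
    # The blob begins with a 4-byte length and a copy of the key type name.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode("ascii"):
        raise ValueError("key type does not match key blob")

def validate_keys_body(body):
    """Return the key lines of one response body; raise if any line is bad or none exist."""
    keys = [ln.strip() for ln in body.splitlines() if ln.strip()]
    if not keys:
        raise ValueError("no public keys in response")
    for line in keys:
        check_key_line(line)
    return keys

def sample_line():
    """Constructed sample: an all-zero ed25519 blob, not a real key."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(32)
    return "ssh-ed25519 " + base64.b64encode(blob).decode("ascii")

if __name__ == "__main__":
    print(validate_keys_body(sample_line() + "\n"))   # accepted
    try:
        validate_keys_body("Not Found")               # constructed error-page body
    except ValueError as err:
        print("rejected:", err)
```

An empty body is rejected as well, which keeps a user with no published keys from producing an authorized_keys file with no entries.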