Skip to content

HUIT-AcademicTechnology-Ops/ansible-role-ssh-users

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
defaults
defaults
 
 
meta
meta
 
 
tasks
tasks
 
 
tests
tests
 
 
.travis.yml
.travis.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Ansible Role: SSH users

This role will create unix users with groups and owned directories as specified by the input list. It will also manage authorized_ssh_keys for these users that are chosen from a list of common organization users' public ssh credentials which are retrieved from github. A list of unix users with optional directories and github usernames is the expected input to the role.

Some assumptions are made to simplify the number of role variables required for this role:

  • a group will be created for each ssh user with the same name as the user name
  • the login shell will default to /bin/bash and can only be overriden at the list level, and not per user
  • the set of public ssh authorized keys will be pulled from github urls, so users are expected to have stored their public keys in their account
  • no ssh connection parameters are allowed per unix user

Requirements

  • Ansible 2.1+

Role Variables

parameter required default comments
ssh_users yes A list of unix users to create, with optional sublists
ssh_users_github_domain no github.com The domain name of the github server targeted for public ssh keys
ssh_users_login_shell no /bin/bash The login shell for each unix user created on the remote machine

The ssh_users input list should look like the following:

    ssh_users:
      - name: adminUser
          github_authorized_keys:
            - githubUsername1
            - githubUsername2
          dirs:
            - /path/to/dir
            - /another/dir
        - name: deployUser
          github_authorized_keys:
            - githubUsername1
            - githubUsername3
            - githubUsername4

The github_authorized_keys sublist should refer to github usernames. The role will attempt to pull down the public keys for that user from a github url (could be a github enterprise url). This sublist is technically optional. Also optional is a list of dirs that will be created and owned by the unix user specified by the name key for each item in the list.

Dependencies

N/A

Example Playbook

    - hosts: remoteHost
      become: true
      vars:
        ssh_users:
            - name: ubuntu
              github_authorized_keys:
                - bermudezjd
            - name: deploy
              github_authorized_keys:
                - bermudezjd
                - jenkins
              dirs:
                - /opt/tlt
      roles:
         - { role: ssh-users }

License

MIT

Author Information

Jaime Bermudez ([email protected])

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 2

Release v1.1 Latest
Jun 27, 2024
+ 1 release

Packages

No packages published

Contributors 2

  •  
  •