AFPy/infra
AFPy
/
infra
9
0
Fork 2
Code Issues 5 Pull Requests Projects Releases Wiki Activity

Add backup authorized key. 

And use 'copy' instead of 'authorized_keys': it eases the removing of
a key, and it's clearer what keys are allowed.
This commit is contained in:
Julien Palard 2021-04-26 09:47:17 +02:00
parent 96d43742b8
commit 4362a92cd1
2 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
group_vars/all/vars
View File

@ -3,8 +3,9 @@
letsencrypt_email: afpy-web@lists.afpy.org
ansible_python_interpreter: "/usr/bin/python3"
ansible_user: root
authorized_keys:
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKA7DgTQ0G7+kdsX0lIUOAAOllwGSCu8s8TxPvr/61Y8q+pIO5mrZycI0xYcKP5NZaABqlFyXUUNfLj7RLqteBxqq2QZP4NOJ1MutYRIkzJ9YW0f565jHaOqSguz0MY+1sCHtuEPiUUZoNexkKN7SIx60SfoaMEvGjAj46txA7VFbJUuKcJtA1Yvmn0C0KoXUUQ/G+JqvjQ7QuKLQYdTZ8S9OEvNaqNfwNSwvy1/LCnuajFw0O+H5bz7AcS5Iuj+9k8wgHPK1a1rQEdteOcn2XBCvta/VOVlFLv6/9K3iU3EJ1pyaZ88UkuJef8aWnH/AJGaF2gLqUbBuL+UeXyD41 julien+yubikey4@palard.fr"
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8vv8vwmbyhFEa0chj8LklnnY6DRLKj2OM0NgaMTd9SsrtBeLMqTt34pU+kKl6/9EIe9P8Z1/fWFyOiTsE7Khf3rkNsoILPmEV14i18Bvtp4nMtljqZaKVkAcRjPvo7flRWNxxL2Zbo+BEr3wVCl3Sc6YV8oQzCwVPKf34AB39b+PW4f3580Aqcd4Ci6zca0Ol95tLDv1slX1A7QcpoZAne8kj5h6bb4cC7FLBC9+xOSKmzoLOlP7LsyxaUUGRyi/FeMoma1VES65aIJ5U23GtZrzZI3tKz+vpQvOVaozNTDkNLiiJkjd3Ew1I10wArpZixjwSndP8CvGFyJc1XUXZ julien+yubikey5@palard.fr"
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVLcQld0qXYkStjCjkOLvoAk80iFwOPWY1Nv2EzU6P8o2dxOaHBuO1YcaB7XmK6rP1bf4xjOQtlhDGCSZ7lIM3H8gEHTfsVw3odbaoq/B0NpP8j+PL4YMJMzY+SUXZTILYUiJ3uuR064z21mpNcNWwWY/2NM6k7h93AOfxNo6ZxO460sHOlAlHNqlsyUGhtIWndCTAQ1wpT2YMWo/y8HCwizYGZz4HQ04nVTK9DLftb7bBxaqTtiPnx+VzYsRg1Ma1OvBggehL6iiXu6xpyXarRx99n3SVO8ptx/rmaX3tyB2ZN2kcxAYHscgh2vRrVm6BWmSF1XXuf2Vu35Lo0K510Jd92gbkBVair7ZtR6hFcNhDHfA87mhdqvld3XwL9/D93ZSGo4FCSJb0xdq4HtpsMVE20yEiDyOe7KeShbur3YYzdZAAmvhTaUyjfm9qReIS/OoAIePZvTNiX3/sbVwdDMzXp+6C17aGFGZ2ONug63Rs0ePdVmYUgFnm26tYfznuQwZcRlCEJwlMI2nYaKQk0GG1NbzHrZZdnCIujav0Ncdpi2RZgb4nlWX66mO16HcYpheMGpClBDxya9FM6ga7WFc72Z0xHfB1HTemEN/qlA1hroNK/DuRJzT/oxp7rd2YhcunmXrucKX4/KlkA0FcNbNY/sVsF2dr4oGBr3pzvQ== marc@debureaux.fr"
- "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJP+t8d7oLqPhXG40+jWogT+cK1ciiS+XB/nV8IoLw9gxrC05oWIoUo6vuqp0W+ugm7nf+zlIqEMjPHDzRp52iQ= asyd@asuka"
authorized_keys: |
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKA7DgTQ0G7+kdsX0lIUOAAOllwGSCu8s8TxPvr/61Y8q+pIO5mrZycI0xYcKP5NZaABqlFyXUUNfLj7RLqteBxqq2QZP4NOJ1MutYRIkzJ9YW0f565jHaOqSguz0MY+1sCHtuEPiUUZoNexkKN7SIx60SfoaMEvGjAj46txA7VFbJUuKcJtA1Yvmn0C0KoXUUQ/G+JqvjQ7QuKLQYdTZ8S9OEvNaqNfwNSwvy1/LCnuajFw0O+H5bz7AcS5Iuj+9k8wgHPK1a1rQEdteOcn2XBCvta/VOVlFLv6/9K3iU3EJ1pyaZ88UkuJef8aWnH/AJGaF2gLqUbBuL+UeXyD41 julien+yubikey4@palard.fr
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8vv8vwmbyhFEa0chj8LklnnY6DRLKj2OM0NgaMTd9SsrtBeLMqTt34pU+kKl6/9EIe9P8Z1/fWFyOiTsE7Khf3rkNsoILPmEV14i18Bvtp4nMtljqZaKVkAcRjPvo7flRWNxxL2Zbo+BEr3wVCl3Sc6YV8oQzCwVPKf34AB39b+PW4f3580Aqcd4Ci6zca0Ol95tLDv1slX1A7QcpoZAne8kj5h6bb4cC7FLBC9+xOSKmzoLOlP7LsyxaUUGRyi/FeMoma1VES65aIJ5U23GtZrzZI3tKz+vpQvOVaozNTDkNLiiJkjd3Ew1I10wArpZixjwSndP8CvGFyJc1XUXZ julien+yubikey5@palard.fr
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVLcQld0qXYkStjCjkOLvoAk80iFwOPWY1Nv2EzU6P8o2dxOaHBuO1YcaB7XmK6rP1bf4xjOQtlhDGCSZ7lIM3H8gEHTfsVw3odbaoq/B0NpP8j+PL4YMJMzY+SUXZTILYUiJ3uuR064z21mpNcNWwWY/2NM6k7h93AOfxNo6ZxO460sHOlAlHNqlsyUGhtIWndCTAQ1wpT2YMWo/y8HCwizYGZz4HQ04nVTK9DLftb7bBxaqTtiPnx+VzYsRg1Ma1OvBggehL6iiXu6xpyXarRx99n3SVO8ptx/rmaX3tyB2ZN2kcxAYHscgh2vRrVm6BWmSF1XXuf2Vu35Lo0K510Jd92gbkBVair7ZtR6hFcNhDHfA87mhdqvld3XwL9/D93ZSGo4FCSJb0xdq4HtpsMVE20yEiDyOe7KeShbur3YYzdZAAmvhTaUyjfm9qReIS/OoAIePZvTNiX3/sbVwdDMzXp+6C17aGFGZ2ONug63Rs0ePdVmYUgFnm26tYfznuQwZcRlCEJwlMI2nYaKQk0GG1NbzHrZZdnCIujav0Ncdpi2RZgb4nlWX66mO16HcYpheMGpClBDxya9FM6ga7WFc72Z0xHfB1HTemEN/qlA1hroNK/DuRJzT/oxp7rd2YhcunmXrucKX4/KlkA0FcNbNY/sVsF2dr4oGBr3pzvQ== marc@debureaux.fr
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJP+t8d7oLqPhXG40+jWogT+cK1ciiS+XB/nV8IoLw9gxrC05oWIoUo6vuqp0W+ugm7nf+zlIqEMjPHDzRp52iQ= asyd@asuka
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4lVaR7LTovURubmV+f280kzJafI4liqEMQ31iLVig+63JSxQU6s16QExkriTJqyA8oprTvJKQnGpQhYUVG6KHw+JL0S9v7X/ut+14iEqC45sPkY1eYfcM4dJwozQsHyk33AwNMNWFQymP6eQQ6TsR3w1NhZp6EIoXiGVvu1CdjCHc5T5K13QJGjdKTJ03DcJ+7jUkwl2Tx7khpm1o0Ogl+HoPh8PLJQBaVTo6R9bRAro+L6YJVK0zRFVXA/gGVyaEEpbrUOQNfeMW8vCmn1ZendsgWGBQrywcXpm12PtkhG2WHkdp+yJNvjMr5wPtTn3EQkxXTYRCPjb9dTyifCMP rsnapshot backups by Julien Palard

8
roles/common/tasks/main.yml
View File

@ -58,8 +58,12 @@
- sudo
- name: Set some authorized keys
authorized_key: user=root key="{{item}}"
with_items: "{{ authorized_keys }}"
copy:
content: "{{ authorized_keys }}"
dest: /root/.ssh/authorized_keys
mode: 0600
owner: root
group: root
- name: Ensure mlocate and locate are not installed
apt: