Skip to content

memiah/ansible-role-ssh-config

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
defaults
defaults
 
 
meta
meta
 
 
tasks
tasks
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
README.md
README.md
 
 

Repository files navigation

Ansible Role: SSH Config

Configure system users, groups and SSH access, optionally based on GitHub users.

Requirements

None.

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

ssh_config_users: []
  # You can specify an object with 'name' (required) and 'groups' (optional):
  # - name: example
  #   groups: www-data,memiah
  #   authorized_keys:
  #     - "ssh-rsa ..."

  # Or you can specify a GitHub username:
  # - github: memiah

A list of users to add to the server; the username will be the name. You can add the user to one or more groups (in addition to the [username] group) by adding them as a comma-separated list in groups. SSH keys can be added using the authorized_keys options with a list of keys. Specify a github username to fetch authorised keys from GitHub.

 ssh_config_users_additional: []

Additional system users that can be assigned to specific inventories or roles, useful when using ssh_config_users as a common default user list.

ssh_config_users_absent: []
  # You can specify an object with 'name' (required):
  # - name: example

  # Or you can specify a username directly:
  # - example

A list of users who should not be present on the server and should be removed.

ssh_config_groups: []
  # - name: example
  #   passwordless_sudo: True

System groups that should be created. These can be assigned to users defined in ssh_config_users. If the group should be allowed passwordless_sudo, optionally set that here.

ssh_config_groups_additional: []

Additional system groups that can be assigned to specific inventories or roles, useful when using ssh_config_groups as a common default group list.

ssh_config_groups_absent: []
  # You can specify an object with 'name' (required):
  # - name: example

  # Or you can specify a group directly:
  # - example

A list of groups that should not be present on the server and should be removed.

ssh_config_github_url: https://github.com

By default, use public GitHub (i.e. https://github.com) as the source for users/keys. Override this to use a different GitHub instance/endpoint (e.g. GitHub Enterprise).

ssh_config_ssh_auth_sock: True

For SSH agent forwarding, maintain the SSH_AUTH_SOCK environment variable.

Dependencies

  • memiah.security

Example Playbook

- hosts: servers
  become: yes
  vars:
    ssh_config_users:
      # You can specify an object with 'name' (required) and 'groups' (optional):
      - name: jane-doe
        groups: www-data,example
        authorized_keys:
          - "ssh-rsa ..."
      # Or you can specify a GitHub username:
      - github: john-doe
      
    ssh_config_users_absent:
        - johndoe
        - name: jane
    
  roles:
    - memiah.ssh-config

License

MIT / BSD

Author Information

This role was created in 2018 by Memiah Limited.

About

Configure system users, groups and SSH access, optionally based on GitHub users.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases 9

Update readme reference to ssh_config_users_additional variable Latest
Jan 11, 2019
+ 8 releases

Packages

No packages published

Contributors 2

  •  
  •