26 lines
956 B
YAML
26 lines
956 B
YAML
---
|
|
- name: Deploy SSH Keys to Linux Hosts
|
|
hosts: linux_hosts:proxmox_cluster:proxmox_hosts:xcpng_hosts
|
|
gather_facts: false
|
|
become: true
|
|
vars:
|
|
# Ensure the slug is passed from your onboarding script or Semaphore env
|
|
# client_slug: "myclient"
|
|
public_key_path: "/root/.ssh/client_{{ CLIENT_SLUG }}.pub"
|
|
|
|
tasks:
|
|
- name: Ensure .ssh directory exists
|
|
ansible.builtin.file:
|
|
path: "~{{ ansible_user }}/.ssh/"
|
|
state: directory
|
|
owner: "{{ ansible_user }}"
|
|
group: "{{ ansible_user }}"
|
|
mode: '0700'
|
|
when: not (is_lxc | default(false) | bool) # Skips if it's an LXC
|
|
- name: Deploy public SSH key
|
|
ansible.posix.authorized_key:
|
|
user: "{{ ansible_user }}"
|
|
state: present
|
|
# Use lookup to read the local key file on the Semaphore server
|
|
key: "{{ lookup('file', public_key_path) }}"
|
|
when: not (is_lxc | default(false) | bool) # Skips if it's an LXC |