make the ansible key addition and other users key addition a little less scary

2012-11-02 06:22:19 +00:00 · 2012-11-02 06:22:19 +00:00 · 355c668d8c
commit 355c668d8c
parent 42c749ac8f
2 changed files with 10 additions and 7 deletions
--- a/tasks/cloud_setup_basic.yml
+++ b/tasks/cloud_setup_basic.yml
@ -25,17 +25,17 @@
  action: shell hostname  ${hostbase}`curl -s http://169.254.169.254/latest/meta-data/instance-id`
  tags:
  - config
+
+- name: add ansible root key 
+  action: authorized_key user=root key='$FILE(${files}/common/ansible-pub-key)'
+  tags:
+  - config
  
- name: put sysadmin-main in place for sshing in
-  action: copy src=$files/common/sysadmin-main dest=/root/.ssh/authorized_keys mode=600 backup=true
+- name: add root keys for sysadmin-main and other allowed users
+  action: authorized_key user=root key='$PIPE(${auth_keys_from_fas} @sysadmin-main ${root_auth_users})'
  tags:
  - config

- name: add root keys for other allowed users
-  action: authorized_key user=root key='$PIPE(${auth_keys_from_fas} ${root_auth_users})'
-  only_if: is_set('${root_auth_users}')
-  tags:
-  - config

 # note - kinda should be a handler - but handlers need args
 - name: restorecon