Deploy ssh authorized keys

2025-01-21 21:01:36 +01:00 · 2025-01-21 21:01:36 +01:00 · 906868f34e
commit 906868f34e
parent 9d03496f02
4 changed files with 25 additions and 0 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,3 +1,11 @@
+- name: Create ssh key directory
+  ansible.builtin.file:
+    path: /etc/ssh/www_authorized_keys
+    owner: root
+    group: root
+    state: directory
+    mode: "0755"
+
 - name: Setup tenants
  loop: "{{ php_tenants|dict2items(key_name='name', value_name='options') }}"
  loop_control:
--- a/tasks/tenant.yml
+++ b/tasks/tenant.yml
@ -40,3 +40,11 @@
    name: 'www-{{ tenant.name }}'
    priv: 'www-{{ tenant.name }}-%.*:ALL PRIVILEGES'
    plugin: unix_socket
+
+- name: 'Write ssh authorized_keys file for user www-{{ tenant.name }}'
+  ansible.builtin.template:
+    src: ssh_authorized_keys.j2
+    dest: "/etc/ssh/www_authorized_keys/www-{{ tenant.name }}"
+    owner: root
+    group: 'www-{{ tenant.name }}'
+    mode: 0640