Skip to content
/ ansible-role-ssh-config Public
forked from memiah/ansible-role-ssh-config

Configure system users, groups and SSH access, optionally based on GitHub users.

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ErmakovDmitriy/ansible-role-ssh-config

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
defaults
defaults
 
 
meta
meta
 
 
tasks
tasks
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
README.md
README.md
 
 

Repository files navigation

Ansible Role: SSH Config

Configure system users, groups and SSH access, optionally based on GitHub users.

Requirements

None.

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

ssh_config_users: []
  # You can specify an object with 'name' (required) and 'groups' (optional):
  # - name: example
  #   groups: www-data,memiah
  #   authorized_keys:
  #     - "ssh-rsa ..."

  # Or you can specify a GitHub username:
  # - github: memiah

A list of users to add to the server; the username will be the name. You can add the user to one or more groups (in addition to the [username] group) by adding them as a comma-separated list in groups. SSH keys can be added using the authorized_keys options with a list of keys. Specify a github username to fetch authorised keys from GitHub.

ssh_config_users_absent: []
  # You can specify an object with 'name' (required):
  # - name: example

  # Or you can specify a username directly:
  # - example

A list of users who should not be present on the server and should be removed.

ssh_config_groups: []
  # - name: example
  #   passwordless_sudo: True

System groups that should be created. These can be assigned to users defined in ssh_config_users. If the group should be allowed passwordless_sudo, optionally set that here.

ssh_config_groups_absent: []
  # You can specify an object with 'name' (required):
  # - name: example

  # Or you can specify a group directly:
  # - example

A list of groups that should not be present on the server and should be removed.

ssh_config_github_url: https://github.com

By default, use public GitHub (i.e. https://github.com) as the source for users/keys. Override this to use a different GitHub instance/endpoint (e.g. GitHub Enterprise).

ssh_config_ssh_auth_sock: True

For SSH agent forwarding, maintain the SSH_AUTH_SOCK environment variable.

Dependencies

  • geerlingguy.security

Example Playbook

- hosts: servers
  become: yes
  vars:
    ssh_config_users:
      # You can specify an object with 'name' (required) and 'groups' (optional):
      - name: jane-doe
        groups: www-data,example
        authorized_keys:
          - "ssh-rsa ..."
      # Or you can specify a GitHub username:
      - github: john-doe
      
    ssh_config_users_absent:
        - johndoe
        - name: jane
    
  roles:
    - memiah.ssh-config

License

MIT / BSD

Author Information

This role was created in 2018 by Memiah Limited.

About

Configure system users, groups and SSH access, optionally based on GitHub users.

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

4 tags

Packages

No packages published