ilia
de49b34cdc
Some checks failed
CI / skip-ci-check (pull_request) Successful in 6s
CI / lint-and-test (pull_request) Failing after 9s
CI / ansible-validation (pull_request) Failing after 6s
CI / secret-scanning (pull_request) Successful in 5s
CI / dependency-scan (pull_request) Successful in 8s
CI / sast-scan (pull_request) Failing after 5s
CI / license-check (pull_request) Successful in 11s
CI / vault-check (pull_request) Failing after 6s
CI / playbook-test (pull_request) Failing after 6s
CI / container-scan (pull_request) Failing after 6s
CI / sonar-analysis (pull_request) Failing after 2s
CI / workflow-summary (pull_request) Successful in 4s
Document pve10 static IPs, monitoring stack, and site LXCs; add portfolio to inventory; Mailcow mailbox automation; vault import/export scripts; security audit guides and UniFi DHCP reference. Co-authored-by: Cursor <cursoragent@cursor.com>
21 lines
748 B
YAML
21 lines
748 B
YAML
---
|
|
# Playbook: ssh-keys
|
|
# Purpose: Install your workstation SSH public key on all inventory hosts
|
|
# Targets: all hosts except localhost
|
|
# Usage: make copy-ssh-keys-ansible
|
|
# make copy-ssh-keys-ansible GROUP=services
|
|
# make copy-ssh-keys-ansible HOST=dev01
|
|
|
|
- name: Deploy workstation SSH public key
|
|
hosts: all:!local
|
|
gather_facts: false
|
|
vars:
|
|
ssh_public_key_file: "{{ lookup('env', 'SSH_PUBLIC_KEY') | default(lookup('env', 'HOME') + '/.ssh/id_ed25519.pub', true) }}"
|
|
tasks:
|
|
- name: Add SSH public key for ansible_user
|
|
ansible.posix.authorized_key:
|
|
user: "{{ ansible_user | default(ansible_user_id) }}"
|
|
state: present
|
|
key: "{{ lookup('file', ssh_public_key_file) }}"
|
|
become: false
|