Add a role for deploying infrastructure authorized keys and use it

This commit is contained in:
June 2023-11-11 00:23:20 +01:00 committed by julian
parent 89f1b1b299
commit bb95923807
5 changed files with 31 additions and 0 deletions

View file

@ -55,3 +55,11 @@ all:
keycloak: keycloak:
wiki: wiki:
onlyoffice: onlyoffice:
infrastructure_authorized_keys_hosts:
hosts:
cloud:
pad:
public-reverse-proxy:
keycloak:
wiki:
onlyoffice:

View file

@ -59,3 +59,11 @@ all:
docker_compose_hosts: docker_compose_hosts:
hosts: hosts:
uptime-kuma: uptime-kuma:
infrastructure_authorized_keys_hosts:
hosts:
light:
mqtt:
zigbee2mqtt:
authoritative-dns:
mailserver-endpoint:
uptime-kuma:

View file

@ -7,6 +7,11 @@
roles: roles:
- deploy_ssh_server_config - deploy_ssh_server_config
- name: Ensure deployment of infrastructure authorized keys
hosts: infrastructure_authorized_keys_hosts
roles:
- infrastructure_authorized_keys
- name: Ensure Nextcloud config - name: Ensure Nextcloud config
hosts: nextcloud_hosts hosts: nextcloud_hosts
roles: roles:

View file

@ -0,0 +1,3 @@
# Role `infrastructure_authorized_keys`
A role for deploying the infrastructure authorized keys from [this repo](https://gitlab.hamburg.ccc.de/ccchh/infrastructure-authorized-keys).

View file

@ -0,0 +1,7 @@
- name: deploy infrastructure authorized keys
ansible.posix.authorized_key:
state: present
user: chaos
exclusive: true
key: https://gitlab.hamburg.ccc.de/ccchh/infrastructure-authorized-keys/-/raw/trunk/authorized_keys?ref_type=heads&inline=false