diff --git a/.gitignore b/.gitignore
index 722d5e7..4fc9754 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,3 @@
 .vscode
+inventory
+ansible.cfg
\ No newline at end of file
diff --git a/slococo/playground/roles/local_accounts/meta/argument_specs.yml b/slococo/playground/roles/local_accounts/meta/argument_specs.yml
index 6eb92ed..4779a0b 100644
--- a/slococo/playground/roles/local_accounts/meta/argument_specs.yml
+++ b/slococo/playground/roles/local_accounts/meta/argument_specs.yml
@@ -40,3 +40,8 @@ argument_specs:
 required: false
 default: false
 description: Boolean value indicating whether SSH key pairs should be generated for passwordless authentication.
+ private_key_path:
+ type: str
+ required: no
+ default: /tmp
+ description: "Path to the private key. If not provided, the default path will be /tmp."
diff --git a/slococo/playground/roles/local_accounts/tasks/main.yml b/slococo/playground/roles/local_accounts/tasks/main.yml
index 97440be..4dfc50f 100644
--- a/slococo/playground/roles/local_accounts/tasks/main.yml
+++ b/slococo/playground/roles/local_accounts/tasks/main.yml
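Review bot: In meta/argument_specs.yml, `default: /tmp` for `private_key_path` means generated private keys are written under predictable names (`/tmp/id_rsa_<account name>`, per the `key_path` expression in tasks/main.yml) in a world-writable directory on the control node. Another local user there can pre-create that path before the role runs, and tmp cleaners can later remove the key. Prefer no default, or a directory owned by the invoking user with mode 0700, and have the role fail when the chosen directory is group- or world-writable. The description should also say that this is the directory receiving `id_rsa_<account name>` rather than "Path to the private key", and `required: no` should read `required: false` to match the entries above it.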
@@ -16,17 +16,24 @@
 - name: Determine key path
 set_fact:
- key_path: "{{ (private_key_path | default('/tmp')) + '/id_rsa' }}"
+ key_path: "{{ (private_key_path | default('/tmp')) | regex_replace('/$','') }}/id_rsa"
 - name: Generate SSH key pairs for local users
 community.crypto.openssh_keypair:
 path: "{{ key_path }}_{{ item.name }}"
 loop: "{{ accounts_with_home }}"
- when: not ansible_check_mode and item.passwordless | default(false) | bool
+ when: item.passwordless | default(false) | bool
 delegate_to: localhost
 run_once: true
 become: false
+- name: Ensure .ssh directory exists
+ ansible.builtin.file:
+ path: "{{ item.home }}/.ssh"
+ state: directory
+ loop: "{{ accounts_with_home }}"
+ when: item.passwordless | default(false) | bool
+
 - name: Copy public keys to authorized_keys for passwordless authentication
 ansible.builtin.copy:
 content: "{{ lookup('file', key_path + '_' + item.name + '.pub') }}"
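Review bot: The new `Ensure .ssh directory exists` task sets neither `owner` nor `mode`, so the directory is created as whichever user the play runs as, with umask-derived permissions. If that user is root, the account does not own its own `.ssh`, and a umask looser than 022 yields a group-writable directory that sshd's StrictModes check rejects. Add `owner: "{{ item.name }}"` and `mode: "0700"` to the `ansible.builtin.file` arguments, plus `group` if the account's primary group is available in `accounts_with_home`. Separately, with `not ansible_check_mode` dropped from the keypair task, a check-mode run on a control node with no existing key presumably writes no key file, so the `lookup('file', ...)` in the copy task can fail. That task's `when` lies outside this hunk, so confirm it is guarded.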