Updating Ubiqtorate

playbooks/sshkey.yml

@@ -0,0 +1,45 @@
+# --- 
+# sshkey.yml
+#
+# ssh-keyscan and copy your SSH key to hosts
+#
+# Parameters:
+# targets: group in the inventory to use
+# threads: number of simultaneous executions
+# pubkey: file to hand off
+# sshport (optional): override 22/tcp/ssh for Ansible control
+#
+# Expects ANSIBLE_VAULT_FILE to be set in the environment to path the vault
+#
+- hosts: "{{ targets | default('all') }}"
+  order: sorted
+  serial: "{{ threads | default('8') }}"
+  gather_facts: false
+  ignore_unreachable: true
+  vars: 
+      ansible_ssh_port: "{{ sshport | default('22') }}" 
+      keyfile: "{{ pubkey | default(lookup('env','HOME') + '/.ssh/id_rsa.pub') }}"
+  vars_files:
+     - "{{ lookup('env', 'ANSIBLE_VAULT_FILE') }}"
+
+  tasks:
+      - name: Get key
+        delegate_to: localhost
+        command: "cat {{ keyfile }}"
+        register: key
+
+      # Thanks to https://gist.github.com/shirou/6928012
+      - name: Ensure ssh host key known
+        delegate_to: localhost
+        lineinfile:
+            dest: ~/.ssh/known_hosts
+            create: yes
+            state: present
+            line: "{{ lookup('pipe', 'ssh-keyscan -trsa -p' + ansible_ssh_port + ' ' + inventory_hostname) }}"
+
+      - authorized_key:
+            user: "{{ lookup('env','USER') }}"
+            key: "{{ key.stdout }}"
+            state: present
+            exclusive: true
+        name: "Pass authorized key"