initial commit

Egon Rijpkema 2017-08-31 10:32:49 +02:00
commit 909cbe2dec
5 changed files with 127 additions and 0 deletions

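--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,3 @@
+secrets.yml
+*.retry
+*.pyc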

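--- a/README.md
+++ b/README.md
@@ -0,0 +1,15 @@
+# ssh keys repository
+The `users.yml` playbook contains users and public keys.
+The playbook uses `/etc/hosts` as a database for hosts to install the keys on.
+## usage:
+* Make changes to a local checkout of this repo.
+* `git commit` the changes, `git push` and `git pull` on xcat.
+* on xcat:
+```bash
+git pull
+ansible-playbook users.yml # this will install the users on all hosts in /etc/hosts.
+```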

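--- a/ansible.cfg
+++ b/ansible.cfg
@@ -0,0 +1,2 @@
+[defaults]
+hostfile = hosts.py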
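Review bot: `hostfile` is the legacy name for this setting and later Ansible releases deprecate it in favour of `inventory`, so `inventory = hosts.py` is the safer spelling. A comment line above it such as `# dynamic inventory: every host named in /etc/hosts on the control node` would tell the operator what `ansible-playbook users.yml` is about to target.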

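--- a/hosts.py
+++ b/hosts.py
@@ -0,0 +1,59 @@
+#!/usr/bin/env python
+import argparse
+import json
+import sys
+def get_hosts(hosts_file='/etc/hosts'):
+'''
+Get the hostsnames from /etc/hosts.
+Returns: A set of hostnames.
+'''
+rv = []
+with open(hosts_file, 'r') as f:
+for line in f:
+if line == '\n':
+continue
+if line[0] == '#':
+continue
+rv.append(line.split()[1])
+rv = set(rv)
+ignore = {'localhost', 'ip6-allnodes', 'ip6-allrouters'}
+return rv.difference(ignore)
+def get_args(args_list):
+"""
+Parse the arguments and make sure only
+that --list or --host is given, not both.
+"""
+parser = argparse.ArgumentParser(
+description='ansible inventory script parsing /etc/hosts')
+mutex_group = parser.add_mutually_exclusive_group(required=True)
+help_list = 'list all hosts from /etc/hosts'
+mutex_group.add_argument('--list', action='store_true', help=help_list)
+help_host = 'display variables for a host'
+mutex_group.add_argument('--host', help=help_host)
+return parser.parse_args(args_list)
+def main(args_list):
+"""
+Print a json list of the hosts if --list is given.
+Does not support host vars.
+Print an empty dictionary if --host is passed to remain valid.
+"""
+args = get_args(args_list)
+if args.list:
+print(json.dumps({
+'all': {
+'hosts': list(get_hosts()),
+}
+}))
+if args.host:
+print(json.dumps({}))
+if __name__ == '__main__':
+main(sys.argv[1:])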
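Review bot: In `get_hosts`, `rv.append(line.split()[1])` raises IndexError on a whitespace-only line, a line with a single field, or a comment that has leading whitespace before its `#`, because only `'\n'` and a `#` as the first character are skipped. Parsing with `fields = line.split('#', 1)[0].split()` and continuing when `len(fields) < 2` would cover those cases and trailing comments as well. The `ignore` set names `localhost`, `ip6-allnodes` and `ip6-allrouters` but not other stock entries such as `ip6-localnet` or `ip6-mcastprefix`, which would presumably end up as inventory hosts on a Debian-style file. Since this output is the target list for a playbook that creates sudo-capable accounts, the docstring should state that every remaining first name in the hosts file is treated as a managed host.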

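--- a/users.yml
+++ b/users.yml
@@ -0,0 +1,48 @@
+# SSH keys of HPC colleagues.
+# for more advanced examples, see:
+# http://docs.ansible.com/ansible/latest/authorized_key_module.html
+---
+- name: Initial setup
+hosts: all
+become: True
+tasks:
+- group:
+name: admin
+state: present
+- name: Passwordless sudo for admins
+lineinfile: dest=/etc/sudoers line="%admin ALL=(ALL:ALL) NOPASSWD:ALL"
+- user:
+name: wim
+comment: "Wim Nap"
+group: admin
+- authorized_key:
+user: wim
+key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPcJbucOFOFrPZwM1DKOvscYpDGYXKsgeh3/6skmZn/IhLWYHY6oanm4ifmY3kU0oNXpKgHR43x3JdkIRKmrEpYULspwdlj/ZKPYxFWhVaSTjJvmSJEgy7ET1xk+eVoKV1xRWm/BugWpbseFAOcI9ZwfH++S8JhfX6GgCIy06RUpM8EcFAWb/GO699ZnQ67qMxNdSWYHtK1zu+9svWgEzPk4zc2TihJsc7DxcfQCNfQ4vKH1Im3+QfG5bRtdyVl9yjbE+o4EWhPEWsTBgBosJfbqfywsuzibhTgyybR0Zzm4JN6Wh5wVazvNutAB291dIJt22XEx5tCyOAjLPybLy3 wim@wim-HP-Compaq-Elite-8300-MT'
+state: present
+- user:
+name: egon
+comment: "Egon Rijpkema"
+group: admin
+- authorized_key:
+user: egon
+key: '{{ item }}'
+state: present
+with_items:
+- 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUBdTEHUj6MxvfEU7KcI+UPAvqJ9jGJ7hHm3e7XFTb9 egon@egon-pc'
+- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDStPUPXkcu81onUm/le54JCu174yXJJDsthDr96Mv8irBVBWuy5FxnaASuDpmC4QE4s0UAIg1iq/SWrr8qdBQ4OVuYFiW0S7ZJvcoKr/40Wh+T5MeltGQfmkDp6kBsfaMSo6M4tF1c8i+XgOgxb4fxHYb8mFhseztRLx6McxJJJLB0nu+T12WQ01nl0XtwD+3EsZWfxRH0KA59VHZSe3Anc5z+Fm7WU+1Vzy6/pkiIhVReI1L6VVhZsIdSu3fQK6fHQcujtfuw6RKEpisZQqnxMUviWQ98yeQXHk6Nx840WCh3vvKveEAoC4Y/UEZa1TMe6PczfUaLjaidUkpulJsP egon@egon-pc'
+- user:
+name: hopko
+comment: "Hopko Meijering"
+group: admin
+- authorized_key:
+user: hopko
+key: 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArQsJ0g/a5YOHlk7xcMpHNxiN+up4syzLZfgiICECET/SCDXUN4Xh3BlSWng8hMQMD5sNSADF4AghdLKfuqXG1MMSvzGSVTcRwiZ+Hq6YCoiinpQw0qu7LOZVZeoG8f7sGwhBqe0wKeyPe6Q7nRe0CXvM+aU4XfZz18O/d3mU1S7cEiue02MgH6ff6VTJFqOtLGpL1rILJn3t58N+2CCWxJwGplkp7hRJ9TnhQqCO+PN/p/4neusjembRu5lX+AKX1mv91WYURkxfLE3CWe9V9YJVG0lLgfXDMyghqkTwf8UsMHS5FBy8oTvuC55EhX+xm2Peo1lZlzy7t5Hg2fWYFQ== h.meijering@rug.nl'
+state: present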
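Review bot: The "Passwordless sudo for admins" task edits `/etc/sudoers` in place on every inventory host with no syntax check, so a malformed result would break sudo across the fleet; add `validate='visudo -cf %s'` to the `lineinfile` call, or write the rule to its own file under `/etc/sudoers.d/` with mode `0440`. The rule grants `NOPASSWD:ALL` to the `admin` group, so each key listed in this file is equivalent to root on all of those hosts, and a comment above the task saying so would make that explicit to whoever adds the next user. The `authorized_key` tasks only add keys: deleting a key or a user from this file does not remove it from the hosts, so revocation needs an explicit `state: absent` entry, or `exclusive: true` where all of a user's keys are passed in one `key` value.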