initial commit
commit
909cbe2dec
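--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,3 @@
+secrets.yml
+*.retry
+*.pyc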
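--- a/README.md
+++ b/README.md
@@ -0,0 +1,15 @@
+# ssh keys repository
+
+The `users.yml` playbook contains users and public keys.
+The playbook uses `/etc/hosts` as a database for hosts to install the keys on.
+
+## usage:
+
+* Make changes to a local checkout of this repo.
+* `git commit` the changes, `git push` and `git pull` on xcat.
+* on xcat:
+
+```bash
+git pull
+ansible-playbook users.yml # this will install the users on all hosts in /etc/hosts.
+```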
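--- a/ansible.cfg
+++ b/ansible.cfg
@@ -0,0 +1,2 @@
+[defaults]
+hostfile = hosts.py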
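Review bot: `hostfile` is the legacy name for this setting and has been deprecated in favour of `inventory`. Newer Ansible releases may ignore the old key and fall back to the default inventory, in which case hosts.py would not be consulted at all. Writing `inventory = hosts.py` keeps the dynamic inventory in effect.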
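--- a/hosts.py
+++ b/hosts.py
@@ -0,0 +1,59 @@
+#!/usr/bin/env python
+
+import argparse
+import json
+import sys
+
+
+def get_hosts(hosts_file='/etc/hosts'):
+'''
+Get the hostsnames from /etc/hosts.
+Returns: A set of hostnames.
+'''
+rv = []
+with open(hosts_file, 'r') as f:
+for line in f:
+if line == '\n':
+continue
+if line[0] == '#':
+continue
+rv.append(line.split()[1])
+rv = set(rv)
+ignore = {'localhost', 'ip6-allnodes', 'ip6-allrouters'}
+return rv.difference(ignore)
+
+
+def get_args(args_list):
+"""
+Parse the arguments and make sure only
+that --list or --host is given, not both.
+"""
+parser = argparse.ArgumentParser(
+description='ansible inventory script parsing /etc/hosts')
+mutex_group = parser.add_mutually_exclusive_group(required=True)
+help_list = 'list all hosts from /etc/hosts'
+mutex_group.add_argument('--list', action='store_true', help=help_list)
+help_host = 'display variables for a host'
+mutex_group.add_argument('--host', help=help_host)
+return parser.parse_args(args_list)
+
+
+def main(args_list):
+"""
+Print a json list of the hosts if --list is given.
+Does not support host vars.
+Print an empty dictionary if --host is passed to remain valid.
+"""
+args = get_args(args_list)
+if args.list:
+print(json.dumps({
+'all': {
+'hosts': list(get_hosts()),
+}
+}))
+if args.host:
+print(json.dumps({}))
+
+
+if __name__ == '__main__':
+main(sys.argv[1:])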
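Review bot: `rv.append(line.split()[1])` in get_hosts raises IndexError on any non-comment line with fewer than two fields, such as a whitespace-only line or a bare address, and the `line[0] == '#'` test misses indented comments, so one stray line in /etc/hosts aborts the inventory and every playbook run. Splitting once and checking the length handles these cases: `fields = line.split('#', 1)[0].split()` followed by `if len(fields) > 1: rv.append(fields[1])`. Because users.yml runs against `all` with `become: True`, every first-column name other than the three in `ignore` becomes a target; names such as `ip6-localhost` or `ip6-loopback`, where present, are not filtered. An explicit allow-list or named group would make the set of hosts that receive admin keys reviewable.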
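--- a/users.yml
+++ b/users.yml
@@ -0,0 +1,48 @@
+# SSH keys of HPC colleagues.
+# for more advanced examples, see:
+# http://docs.ansible.com/ansible/latest/authorized_key_module.html
+---
+- name: Initial setup
+hosts: all
+become: True
+
+tasks:
+- group:
+name: admin
+state: present
+
+- name: Passwordless sudo for admins
+lineinfile: dest=/etc/sudoers line="%admin ALL=(ALL:ALL) NOPASSWD:ALL"
+
+- user:
+name: wim
+comment: "Wim Nap"
+group: admin
+
+- authorized_key:
+user: wim
+key: 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPcJbucOFOFrPZwM1DKOvscYpDGYXKsgeh3/6skmZn/IhLWYHY6oanm4ifmY3kU0oNXpKgHR43x3JdkIRKmrEpYULspwdlj/ZKPYxFWhVaSTjJvmSJEgy7ET1xk+eVoKV1xRWm/BugWpbseFAOcI9ZwfH++S8JhfX6GgCIy06RUpM8EcFAWb/GO699ZnQ67qMxNdSWYHtK1zu+9svWgEzPk4zc2TihJsc7DxcfQCNfQ4vKH1Im3+QfG5bRtdyVl9yjbE+o4EWhPEWsTBgBosJfbqfywsuzibhTgyybR0Zzm4JN6Wh5wVazvNutAB291dIJt22XEx5tCyOAjLPybLy3 wim@wim-HP-Compaq-Elite-8300-MT'
+state: present
+
+- user:
+name: egon
+comment: "Egon Rijpkema"
+group: admin
+
+- authorized_key:
+user: egon
+key: '{{ item }}'
+state: present
+with_items:
+- 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUBdTEHUj6MxvfEU7KcI+UPAvqJ9jGJ7hHm3e7XFTb9 egon@egon-pc'
+- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDStPUPXkcu81onUm/le54JCu174yXJJDsthDr96Mv8irBVBWuy5FxnaASuDpmC4QE4s0UAIg1iq/SWrr8qdBQ4OVuYFiW0S7ZJvcoKr/40Wh+T5MeltGQfmkDp6kBsfaMSo6M4tF1c8i+XgOgxb4fxHYb8mFhseztRLx6McxJJJLB0nu+T12WQ01nl0XtwD+3EsZWfxRH0KA59VHZSe3Anc5z+Fm7WU+1Vzy6/pkiIhVReI1L6VVhZsIdSu3fQK6fHQcujtfuw6RKEpisZQqnxMUviWQ98yeQXHk6Nx840WCh3vvKveEAoC4Y/UEZa1TMe6PczfUaLjaidUkpulJsP egon@egon-pc'
+
+- user:
+name: hopko
+comment: "Hopko Meijering"
+group: admin
+
+- authorized_key:
+user: hopko
+key: 'ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArQsJ0g/a5YOHlk7xcMpHNxiN+up4syzLZfgiICECET/SCDXUN4Xh3BlSWng8hMQMD5sNSADF4AghdLKfuqXG1MMSvzGSVTcRwiZ+Hq6YCoiinpQw0qu7LOZVZeoG8f7sGwhBqe0wKeyPe6Q7nRe0CXvM+aU4XfZz18O/d3mU1S7cEiue02MgH6ff6VTJFqOtLGpL1rILJn3t58N+2CCWxJwGplkp7hRJ9TnhQqCO+PN/p/4neusjembRu5lX+AKX1mv91WYURkxfLE3CWe9V9YJVG0lLgfXDMyghqkTwf8UsMHS5FBy8oTvuC55EhX+xm2Peo1lZlzy7t5Hg2fWYFQ== h.meijering@rug.nl'
+state: present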
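Review bot: The `Passwordless sudo for admins` task writes to /etc/sudoers with `lineinfile` and no `validate`, so a bad edit or an existing syntax problem is not caught before the file is saved and can leave sudo unusable on every host in the inventory. A drop-in file checked by visudo is safer: `lineinfile: dest=/etc/sudoers.d/admin create=yes mode=0440 validate='visudo -cf %s' line="%admin ALL=(ALL:ALL) NOPASSWD:ALL"`. Separately, the `authorized_key` tasks only ever add keys (`state: present`), so deleting a key or user from this file does not revoke access on the hosts. With NOPASSWD:ALL each listed key is equivalent to root, so removal needs an explicit `state: absent` entry, or `exclusive`, which does not combine with the `with_items` loop used for egon.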