upt playbook

playbooks/00_install_ldap_client.yml

@@ -1,4 +1,4 @@
-- hosts: morefine
+- hosts: raspberry
   name: Install omv
   become: true
   tasks:
@@ -99,4 +99,23 @@
       ansible.builtin.service:
         name: nslcd.service
         state: restarted
+        
+    - name: Creating a file with content
+      copy:
+        dest: "/usr/local/bin/fetchSSHKeysFromLDAP"
+        content: |
+          #!/usr/bin/bash
+          ldapsearch  -x '(&(objectClass=ldapPublicKey)(cn='"$1"'))' 'sshPublicKey' |     sed -n '/^ /{H;d};/sshPublicKey:/x;$g;s/\n *//g;s/sshPublicKey: //gp'  
+
+    - name: Reconfigure sshd
+      ansible.builtin.lineinfile:
+        path: /etc/ssh/sshd_config
+        regexp: "^#AuthorizedKeysCommand *"
+        line: "AuthorizedKeysCommand /usr/local/bin/fetchSSHKeysFromLDAP"
+
+    - name: Reconfigure sshd
+      ansible.builtin.lineinfile:
+        path: /etc/ssh/sshd_config
+        regexp: "^#AuthorizedKeysCommandUser *"
+        line: "AuthorizedKeysCommandUser root"