jaydee/ansible
1
0
Fork 0
mirror of https://gitlab.sectorq.eu/jaydee/ansible.git synced 2025-10-30 18:01:11 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

upt playbook

Browse Source
This commit is contained in:
jaydee
2023-08-22 15:22:19 +02:00
parent 509a9c9633
commit 5334267773
1 changed files with 20 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
playbooks/00_install_ldap_client.yml
View File

@@ -1,4 +1,4 @@
- hosts: morefine - hosts: raspberry
name: Install omv name: Install omv
become: true become: true
tasks: tasks:
@@ -99,4 +99,23 @@
ansible.builtin.service: ansible.builtin.service:
name: nslcd.service name: nslcd.service
state: restarted state: restarted
- name: Creating a file with content
copy:
dest: "/usr/local/bin/fetchSSHKeysFromLDAP"
content: |
#!/usr/bin/bash
ldapsearch -x '(&(objectClass=ldapPublicKey)(cn='"$1"'))' 'sshPublicKey' | sed -n '/^ /{H;d};/sshPublicKey:/x;$g;s/\n *//g;s/sshPublicKey: //gp'
- name: Reconfigure sshd
ansible.builtin.lineinfile:
path: /etc/ssh/sshd_config
regexp: "^#AuthorizedKeysCommand *"
line: "AuthorizedKeysCommand /usr/local/bin/fetchSSHKeysFromLDAP"
- name: Reconfigure sshd
ansible.builtin.lineinfile:
path: /etc/ssh/sshd_config
regexp: "^#AuthorizedKeysCommandUser *"
line: "AuthorizedKeysCommandUser root"