Skip to content

A
ansible
Commit ed7d3f92 by David Minor Committed by James Cammarata
Options

Add ssh key options parameter to authorized_key module

parent 41aaad69
Showing with 18 additions and 2 deletions
library/system/authorized_key
...@@ -55,10 +55,16 @@ options: ...@@ -55,10 +55,16 @@ options:
version_added: "1.2" version_added: "1.2"
state: state:
description: description:
- Whether the given key should or should not be in the file - Whether the given key (with the given key_options) should or should not be in the file
required: false required: false
choices: [ "present", "absent" ] choices: [ "present", "absent" ]
default: "present" default: "present"
key_options:
description:
- A string of ssh key options to be prepended to the key in the authorized_keys file
required: false
default: null
version_added: "1.3"
description: description:
- "Adds or removes authorized keys for particular user accounts" - "Adds or removes authorized keys for particular user accounts"
author: Brad Olson author: Brad Olson
...@@ -81,6 +87,11 @@ EXAMPLES = ''' ...@@ -81,6 +87,11 @@ EXAMPLES = '''
with_file: with_file:
- public_keys/doe-jane - public_keys/doe-jane
- public_keys/doe-john - public_keys/doe-john
# Using key_options:
- authorized_key: user=charlie
key="{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
key_options='no-port-forwarding,host="10.0.1.1"'
''' '''
# Makes sure the public key line is present or absent in the user's .ssh/authorized_keys. # Makes sure the public key line is present or absent in the user's .ssh/authorized_keys.
...@@ -189,6 +200,7 @@ def enforce_state(module, params): ...@@ -189,6 +200,7 @@ def enforce_state(module, params):
path = params.get("path", None) path = params.get("path", None)
manage_dir = params.get("manage_dir", True) manage_dir = params.get("manage_dir", True)
state = params.get("state", "present") state = params.get("state", "present")
key_options = params.get("key_options", None)
key = key.split('\n') key = key.split('\n')
...@@ -199,6 +211,9 @@ def enforce_state(module, params): ...@@ -199,6 +211,9 @@ def enforce_state(module, params):
# Check our new keys, if any of them exist we'll continue. # Check our new keys, if any of them exist we'll continue.
for new_key in key: for new_key in key:
if key_options is not None:
new_key = key_options + ' ' + new_key
present = new_key in keys present = new_key in keys
# handle idempotent state=present # handle idempotent state=present
if state=="present": if state=="present":
...@@ -227,7 +242,8 @@ def main(): ...@@ -227,7 +242,8 @@ def main():
key = dict(required=True, type='str'), key = dict(required=True, type='str'),
path = dict(required=False, type='str'), path = dict(required=False, type='str'),
manage_dir = dict(required=False, type='bool', default=True), manage_dir = dict(required=False, type='bool', default=True),
state = dict(default='present', choices=['absent','present']) state = dict(default='present', choices=['absent','present']),
key_options = dict(required=False, type='str')
) )
) )
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment