d2bab25d63
This role also sets up authorized_keys so that inter-node ssh works between the hosts for alternative users. This role will be useful for things like devstack, which require an additional user be able to ssh around for things like nova's migrations. The role can be called multiple times, with a different target user each time. It is assumed that the user already exists. Change-Id: I5972d66a48802fce0c1ebb885be00c5803ff0e9a
26 lines
657 B
YAML
26 lines
657 B
YAML
---
|
|
# Add the authorization first, to take advantage of manage_dir
|
|
- name: Authorize build key
|
|
authorized_key:
|
|
user: "{{ copy_sshkey_target_user }}"
|
|
manage_dir: yes
|
|
key: "{{ lookup('file', zuul_temp_ssh_key ~ '.pub') }}"
|
|
|
|
# Use a block to add become to a set of tasks
|
|
- block:
|
|
- name: Install the build private key
|
|
copy:
|
|
src: "{{ zuul_temp_ssh_key }}"
|
|
dest: "~/.ssh/id_rsa"
|
|
mode: 0600
|
|
force: no
|
|
|
|
- name: Install the build public key
|
|
copy:
|
|
src: "{{ zuul_temp_ssh_key }}.pub"
|
|
dest: "~/.ssh/id_rsa.pub"
|
|
mode: 0644
|
|
force: no
|
|
become: true
|
|
become_user: "{{ copy_sshkey_target_user }}"
|