-
-
Save IssacTran/706509892015c4d4ed510f19e92331d8 to your computer and use it in GitHub Desktop.
Revisions
-
jverdeyen revised this gist
Feb 19, 2015 . 1 changed file with 0 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -21,7 +21,6 @@ when: deploy_user_created.changed - name: Push the generated ssh key to the Gitlab instance uri: > url="{{ deployer_gitlab_api }}user/keys" method=POST -
Feb 19, 2015 . 2 changed files with 2 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,8 +1,7 @@ --- deployer_user: deploy deployer_group: deploy deployer_groups: ['admin'] deployer_user_ssh_key_file: .ssh/id_rsa deployer_gitlab_api: https://[gitlab-domain]/api/v3/ deployer_gitlab_token: [gitlab-token-for-specific-user] This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -20,7 +20,7 @@ register: deployer_user_public_key when: deploy_user_created.changed - name: Push the generated ssh key to the Gitlab instance when: deploy_user_created.changed uri: > url="{{ deployer_gitlab_api }}user/keys" -
Feb 19, 2015 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,9 @@ --- deployer_group: deploy deployer_groups: ['admin'] deployer_user: deploy deployer_user_ssh_key_file: .ssh/id_rsa deployer_gitlab_api: https://[gitlab-domain]/api/v3/ deployer_gitlab_token: [gitlab-token-for-specific-user] deployer_gitlab_key_title: "{{ ansible_hostname }}_deployer" This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,41 @@ --- - name: Create deployer group group: name={{ deployer_group }} state=present - name: Create deployer user and generate a ssh key user: name={{ deployer_user }} group={{ deployer_group }} groups={{ deployer_groups | join(',') }} state=present shell=/bin/bash generate_ssh_key=yes ssh_key_type=rsa ssh_key_file="{{ deployer_user_ssh_key_file }}" register: deploy_user_created - name: Assign ssh key to a variable shell: cat /home/{{ deployer_user }}/{{ deployer_user_ssh_key_file }}.pub register: deployer_user_public_key when: deploy_user_created.changed - name: Push the generatned ssh key to the Gitlab instance when: deploy_user_created.changed uri: > url="{{ deployer_gitlab_api }}user/keys" method=POST status_code=201 HEADER_PRIVATE-TOKEN="{{ deployer_gitlab_token }}" HEADER_Content-Type="application/json" body="{\"title\": \"{{ deployer_gitlab_key_title }}\", \"key\": \"{{ deployer_user_public_key.stdout_lines.0 }}\"}" when: deploy_user_created.changed - name: Ensure .ssh/config file exists file: state=touch path="/home/{{ deployer_user }}/.ssh/config" - name: Disable host key checking lineinfile: dest=/home/{{ deployer_user }}/.ssh/config line='Host *\n \tStrictHostKeyChecking no\n\tUserKnownHostsFile=/dev/null' - name: Add deploy group to sudoers file and validate lineinfile: dest=/etc/sudoers state=present regexp='^%{{ deployer_group }}' line='%{{ deployer_group }} ALL=(ALL) NOPASSWD:ALL' validate="visudo -cf %s"