Ansible copy ssh public key from file, in uri call

Question (votes: -1, answers: 1)

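I need to copy an SSH public key from a local file and then use it in a uri task in my playbook. Keep in mind that I can't use the "authorized_key" module, because this is a system where I have to use the API to configure the public key for a user.

The code below keeps failing, and since I'm using a filter, I'm 100% sure it's wrong. I've included the commented-out portion that works for the body. When trying to use lookup with regex_search, I used [^\s]\s[^\s], which works in Python. The key is also in a different directory on my localhost (../../ssh/ssh_key/key.pub).

Any ideas?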

- name: copy public key to gitea
  hosts: localhost

  tasks:

          - name: include user to add as variable
            include_vars:
              file: users.yaml
              name: users

          - name: Gather users key contents and create variable
            # shell: "cat ../keys/ssh_keys/zz123z.pub | awk '{print $1 FS $2}'"
            shell: "cat ../keys/ssh_keys/{{item.username}}.pub | awk '{print $1 FS $2}'"
            register: key
            with_items:
              - "{{users.user}}"



          - name: Add user's key to gitea
            uri:
              url: https://10.10.10.10/api/v1/admin/users/{{ item.username }}/keys
              headers:
                Authorization: "token {{ users.GiteaApiToken }}"
              validate_certs: no
              return_content: yes
              status_code: 201
              method: POST
              body: "{\"key\": \"{{ key.stdout }}\", \"read_only\": true, \"title\": \"{{ item.username }} shared VM\"}"
              body_format: json
            with_items:
              - "{{users.user}}"

This is the error I receive when using -vvv:

TASK [Add user's key to gitea] *************************************************
task path: /home/dave/projects/Infrastructure/ansible/AddTempUsers/addusers.yaml:275
Wednesday 04 March 2020  18:14:29 -0500 (0:00:00.537)       0:00:01.991 ******* 
fatal: [localhost]: FAILED! => {
    "msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'stdout'\n\nThe error appears to be in '/home/dave/projects/Infrastructure/ansible/AddTempUsers/addusers.yaml': line 275, column 13, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n          - name: Add user's key to gitea\n            ^ here\n"
}
1 answer
0 votes

I figured it out!

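  1. Used shell and awk commands to gather the key. (Note: included one awk for RSA keys and one for id_ed25519. We have the RSA one commented out, but others can uncomment it if they wish to use it.)
  2. Used loop control to iterate over the results.

Code below: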

- name: copy public key to gitea
  hosts: localhost

  tasks:

          - name: include user to add as variable
            include_vars:
              file: users.yaml
              name: users

          - name: Gather users key contents and create variable
            # For RSA Keys
            # shell: "cat ../keys/ssh_keys/{{item.username}}.pub | awk '/-END PUBLIC KEY-/ { p = 0 }; p; /-BEGIN PUBLIC KEY-/ { p = 1 }'"
            # For id_ed25519 Keys
            shell: "cat ../keys/ssh_keys/{{item.username}}.pub | awk '{print $1 FS $2}'"
            register: key
            with_items:
              - "{{users.user}}"

          - name: Add user's key to gitea
            uri:
              url: https://10.10.10.10/api/v1/admin/users/{{ item.username }}/keys
              headers:
                Authorization: "token {{ users.GiteaApiToken }}"
              validate_certs: no
              return_content: yes
              status_code: 201
              method: POST
              body: "{\"key\": \"{{ key.results[ndx].stdout }}\", \"read_only\": true, \"title\": \"{{ item.username }} shared VM\"}"
              body_format: json
            with_items:
              - "{{users.user}}"
            loop_control:
              index_var: ndx
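
An alternative to the registered-loop approach in the answer above, as an added example that is not the poster's code. The original error occurs because `register` inside a loop stores one entry per item under `key.results`, so `key.stdout` does not exist. This version reads each key with the `file` lookup on the control node, so there is no registered list to index, and passes the body as a mapping so the uri module does the JSON encoding. It assumes the users.yaml layout used on the page and that ../keys/ssh_keys/ is relative to the playbook directory.

```yaml
# Added example, not the poster's playbook. Assumptions: users.yaml has the
# layout used on the page (users.user[].username, users.GiteaApiToken) and
# ../keys/ssh_keys/ is relative to the playbook directory.
- name: copy public key to gitea
  hosts: localhost
  gather_facts: false

  tasks:
    - name: include user to add as variable
      include_vars:
        file: users.yaml
        name: users

    - name: Add user's key to gitea
      vars:
        # "type base64 comment" -> "type base64", same result as awk '{print $1 FS $2}'
        pubkey: >-
          {{ lookup('file', playbook_dir ~ '/../keys/ssh_keys/' ~ item.username ~ '.pub').split()[:2] | join(' ') }}
      uri:
        url: "https://10.10.10.10/api/v1/admin/users/{{ item.username }}/keys"
        method: POST
        headers:
          Authorization: "token {{ users.GiteaApiToken }}"
        # The playbooks on the page set validate_certs: no. Leaving verification
        # on assumes the control node trusts the Gitea server certificate.
        validate_certs: true
        body_format: json
        # A mapping is serialized to JSON by the module, so no hand-escaped quotes.
        body:
          key: "{{ pubkey }}"
          read_only: true
          title: "{{ item.username }} shared VM"
        status_code: 201
        return_content: true
      loop: "{{ users.user }}"
      # Keeps the Authorization header and token out of -vvv output.
      no_log: true
```

With `no_log: true`, a failed request is reported as censored; switch it off temporarily while debugging against a non-production token.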