From e533402c2809b75158f29b23591bb2bfde8d731b Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Wed, 14 Mar 2018 15:04:05 +0100
Subject: [PATCH] Distribute pub keys of all admins to all hosts in the same
 farm

---
 tasks/admin_keys.yml  | 14 ++++++++++++++
 tasks/main.yml        |  8 +++++---
 tasks/tunnel_keys.yml | 14 --------------
 3 files changed, 19 insertions(+), 17 deletions(-)
 create mode 100644 tasks/admin_keys.yml
 delete mode 100644 tasks/tunnel_keys.yml

diff --git a/tasks/admin_keys.yml b/tasks/admin_keys.yml
new file mode 100644
index 0000000..301cae5
--- /dev/null
+++ b/tasks/admin_keys.yml
@@ -0,0 +1,14 @@
+---
+# file: roles/commonkeys/tasks/admin_keys.yml
+
+- name: "Read public key of admin user"
+  shell: cat /home/{{ username }}/.ssh/id_rsa.pub
+  register: pubkey
+
+- name: "Distribute public key of admin user"
+  authorized_key:
+    user='{{ username }}'
+    key="{{ hostvars[item].pubkey.stdout }} {{ item }}"
+    path='/home/{{ username }}/.ssh/fresh_auth_keys_tunnel_{{ item }}'
+  with_items: '{{ groups.all }}'
+  when: item != "localhost" and inventory_hostname != "localhost" and hostvars[item].pubkey is defined
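Review bot: The distribute task's guard `hostvars[item].pubkey is defined` does not check that the read succeeded, and `pubkey` is re-registered on every pass of the outer `username` loop. A host whose `cat` failed or that dropped out of the play may therefore still contribute an empty result or the previous admin's key (inferred from how registered results persist in hostvars). Adding `hostvars[item].pubkey.rc | default(1) == 0 and hostvars[item].pubkey.stdout | default('') | length > 0` to the `when` would keep those entries out of the file. The read needs no shell: `command: cat /home/{{ username }}/.ssh/id_rsa.pub` with `changed_when: false` avoids shell parsing of the templated name. Whatever each host returns is authorized for that account on every host in `groups.all`, so a comment stating that trust assumption would help, as would noting that the scope is all inventory hosts while the subject says "same farm"; the `fresh_auth_keys_tunnel_` prefix in `path` also still carries the old tunnel naming.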
diff --git a/tasks/main.yml b/tasks/main.yml
index a7a3b80..0757924 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -14,9 +14,11 @@
       loop_var: hostname
     when: hostname != "localhost" and inventory_hostname != "localhost"
 
-  - name: "Tunnel keys"
-    include: tunnel_keys.yml
-    when: tunnel_user_name|default('systunnel') in admins
+  - name: "Admin keys"
+    include: admin_keys.yml
+    loop_control:
+      loop_var: username
+    with_items: '{{ admins }}'
     tags: 'Keys'
 
   - name: "User keys"
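Review bot: Dropping the `when: tunnel_user_name|default('systunnel') in admins` gate means the include now runs once per entry in `admins`, with nothing guarding an undefined or empty list; `with_items: '{{ admins | default([]) }}'` would make that explicit. A short comment above the task, e.g. `# username is consumed by admin_keys.yml; its inner loop uses item`, would document the coupling between the two loops. A bare `include` with a loop is dynamic, and newer Ansible releases prefer `include_tasks: admin_keys.yml` for that; whether the role can use it depends on its minimum Ansible version, which is not visible here. The task list begins before and continues after this hunk.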
diff --git a/tasks/tunnel_keys.yml b/tasks/tunnel_keys.yml
deleted file mode 100644
index 2e8a525..0000000
--- a/tasks/tunnel_keys.yml
+++ /dev/null
@@ -1,14 +0,0 @@
----
-# file: roles/commonkeys/tasks/tunnel_keys.yml
-
-- name: "Read public key of tunnel user"
-  shell: cat /home/{{ tunnel_user_name }}/.ssh/id_rsa.pub
-  register: pubkey
-
-- name: "Distribute public key of tunnel user"
-  authorized_key:
-    user='{{ tunnel_user_name }}'
-    key="{{ hostvars[item].pubkey.stdout }} {{ item }}"
-    path='/home/{{ tunnel_user_name }}/.ssh/fresh_auth_keys_tunnel_{{ item }}'
-  with_items: '{{ groups.all }}'
-  when: item != "localhost" and inventory_hostname != "localhost" and hostvars[item].pubkey is defined
-- 
GitLab