volker.raschek/ansible-role-unix-users
1
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Projects Releases Wiki Activity

Compare commits

base: volker.raschek:0.1.3
Branches Tags
volker.raschek:master volker.raschek:renovate/ansible-ansible-lint-26.x
volker.raschek:0.2.3 volker.raschek:0.2.2 volker.raschek:0.2.1 volker.raschek:0.2.0 volker.raschek:0.1.3 volker.raschek:0.1.2 volker.raschek:0.1.1 volker.raschek:0.1.0
...
compare: volker.raschek:renovate/ansible-ansible-lint-26.x
Branches Tags
volker.raschek:renovate/ansible-ansible-lint-26.x volker.raschek:master
volker.raschek:0.2.3 volker.raschek:0.2.2 volker.raschek:0.2.1 volker.raschek:0.2.0 volker.raschek:0.1.3 volker.raschek:0.1.2 volker.raschek:0.1.1 volker.raschek:0.1.0

18 Commits
0.1.3 ... renovate/a

Author SHA1 Message Date
CSRBot
a732eb0479 chore(deps): update ansible/ansible-lint action to v26
All checks were successful
Lint Markdown files / markdown-lint (pull_request) Successful in 4s
Details
Ansible Linter / ansible-lint (push) Successful in 18s
Details
Lint Markdown files / markdown-lint (push) Successful in 5s
Details
Ansible Linter / ansible-lint (pull_request) Successful in 58s
Details
2026-01-08 17:01:25 +00:00
Markus Pesch
1ec88f37fb fix(ci): use dynamic github repository name
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 19s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details
Release Ansible Role / Release Ansible Role (push) Successful in 56s
Details
2026-01-07 16:09:07 +01:00
Markus Pesch
09c4173eaf docs(ci): get steps a dedicated name
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 19s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details
2026-01-07 16:02:12 +01:00
Markus Pesch
14f856fdea fix(ci): add release workflow
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 20s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details
Release to Ansible Galaxy / release (push) Successful in 59s
Details
2026-01-07 16:00:01 +01:00
Markus Pesch
86d85c431c fix!: rename environments to envs
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 19s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details
2026-01-07 11:16:12 +01:00
Markus Pesch
88e9a163e1 docs: support environment variables in authorized_keys file
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 18s
Details
Lint Markdown files / markdown-lint (push) Successful in 5s
Details
2026-01-07 10:35:40 +01:00
Markus Pesch
69491c9aa0 feat: support environment variables in authorized_keys file
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 21s
Details
Lint Markdown files / markdown-lint (push) Successful in 5s
Details
2026-01-07 10:28:13 +01:00
Markus Pesch
47d9a58910 fix: replace deprecated INJECT_FACTS_AS_VARS
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 17s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details
2026-01-05 10:28:33 +01:00
CSRBot
e176bb0bee Merge pull request 'chore(deps): update ansible/ansible-lint action to v25.12.2' (#45) from renovate/actions into master
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 18s
Details
Lint Markdown files / markdown-lint (push) Successful in 5s
Details
2025-12-22 20:06:24 +00:00
CSRBot
9acd6de876 chore(deps): update ansible/ansible-lint action to v25.12.2
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 18s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details
Lint Markdown files / markdown-lint (pull_request) Successful in 5s
Details
Ansible Linter / ansible-lint (pull_request) Successful in 56s
Details
2025-12-22 20:01:29 +00:00
CSRBot
c0566e2416 Merge pull request 'chore(deps): update ansible/ansible-lint action to v25.12.1' (#44) from renovate/actions into master
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 17s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details
2025-12-10 14:06:34 +00:00
CSRBot
509882a193 chore(deps): update ansible/ansible-lint action to v25.12.1
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 17s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details
Ansible Linter / ansible-lint (pull_request) Successful in 17s
Details
Lint Markdown files / markdown-lint (pull_request) Successful in 4s
Details
2025-12-10 14:01:33 +00:00
CSRBot
e98925af4b Merge pull request 'chore(deps): update actions/checkout action to v6' (#43) from renovate/actions-checkout-6.x into master
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 18s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details
2025-12-02 21:09:51 +00:00
CSRBot
8a25dac377 chore(deps): update actions/checkout action to v6
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 18s
Details
Lint Markdown files / markdown-lint (pull_request) Successful in 4s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details
Ansible Linter / ansible-lint (pull_request) Successful in 59s
Details
2025-12-02 21:01:40 +00:00
CSRBot
7602cc621c Merge pull request 'chore(deps): update ansible/ansible-lint action to v25.12.0' (#42) from renovate/actions into master
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 18s
Details
Lint Markdown files / markdown-lint (push) Successful in 5s
Details
2025-12-02 17:05:49 +00:00
CSRBot
b7560320dc chore(deps): update ansible/ansible-lint action to v25.12.0
All checks were successful
Ansible Linter / ansible-lint (pull_request) Successful in 17s
Details
Lint Markdown files / markdown-lint (pull_request) Successful in 5s
Details
Lint Markdown files / markdown-lint (push) Successful in 4s
Details
Ansible Linter / ansible-lint (push) Successful in 59s
Details
2025-12-02 17:01:25 +00:00
CSRBot
4241502728 Merge pull request 'chore(deps): update ansible/ansible-lint action to v25.11.1' (#41) from renovate/actions into master
All checks were successful
Lint Markdown files / markdown-lint (push) Successful in 11s
Details
Ansible Linter / ansible-lint (push) Successful in 18s
Details
2025-11-24 23:06:01 +00:00
CSRBot
f5062ff179 chore(deps): update ansible/ansible-lint action to v25.11.1
All checks were successful
Ansible Linter / ansible-lint (push) Successful in 17s
Details
Lint Markdown files / markdown-lint (push) Successful in 5s
Details
Ansible Linter / ansible-lint (pull_request) Successful in 18s
Details
Lint Markdown files / markdown-lint (pull_request) Successful in 5s
Details
2025-11-24 23:01:45 +00:00
6 changed files with 67 additions and 8 deletions
Expand all files Collapse all files

4
.gitea/workflows/ansible-linters.yaml
View File

@@ -12,9 +12,9 @@ jobs:
runs-on:
- ubuntu-latest
steps:
- uses: actions/checkout@v5.0.1
- uses: actions/checkout@v6.0.1
- name: Run ansible-lint
uses: ansible/ansible-lint@v25.11.0
uses: ansible/ansible-lint@v26.1.0
with:
args: "--config-file .ansible-lint"
setup_python: "true"

2
.gitea/workflows/markdown-linters.yaml
View File

@@ -12,7 +12,7 @@ jobs:
runs-on:
- ubuntu-latest
steps:
- uses: actions/checkout@v5.0.1
- uses: actions/checkout@v6.0.1
- uses: DavidAnson/markdownlint-cli2-action@v21.0.0
with:
globs: '**/*.md'

21
.gitea/workflows/release.yaml Normal file
View File

@@ -0,0 +1,21 @@
name: Release Ansible Role
on:
push:
tags:
- '**'
jobs:
release:
name: Release Ansible Role
runs-on: ubuntu-latest
steps:
- name: Install Ansible Galaxy
run: |
apt update --yes
apt install --yes ansible
- env:
ANSIBLE_GALAXY_TOKEN: ${{ secrets.ANSIBLE_GALAXY_TOKEN }}
name: Update Ansible Role in Ansible Galaxy
run: |
ansible-galaxy role import --token=${ANSIBLE_GALAXY_TOKEN} volker-raschek ${GITHUB_REPOSITORY#*/}

14
.vscode/settings.json vendored Normal file
View File

@@ -0,0 +1,14 @@
{
"ansible.python.interpreterPath": "/bin/python",
"files.associations": {
"**/.gitea/**/*.yml": "yaml",
"**/.gitea/**/*.yaml": "yaml",
"docker-compose*.yml": "dockercompose",
"*.yml": "ansible",
"*.yaml": "ansible",
".yamllint": "yaml",
".yamllint.yml": "yaml",
".yamllint.yaml": "yaml"
},
"rewrap.wrappingColumn": 120
}

9
README.md
View File

@@ -77,7 +77,11 @@ The SSH client directory `~/.ssh` can also be managed via the Ansible role. This
`~/.ssh/config`, `~/.ssh/authorized_keys` as well as the maintenance of private and public SSH keys.
The following example create two entries in `~/.ssh/authorized_keys`. One normal SSH access for `claire`. If `bob`
establish a SSH connection the command `/usr/local/bin/upload-file.sh` will be executed and exited.
establish a SSH connection the command `/usr/local/bin/upload-file.sh` will be executed and exited. Furthermore,
environment variables can be espcilitly defined, to consume it during execution of the command.
> [!IMPORTANT]
> To allow consuming environment variables must be set `PermitUserEnvironment yes` in `/etc/ssh/sshd_config`.
The private key `toor@toor-pc.ed25519.key` must be stored in `ssh/private_keys`. The public key will be automatically
extracted from the private key.
@@ -99,6 +103,9 @@ unix_users:
authorized_keys:
- filename: claire@claire-pc.pub
- command: /usr/local/bin/upload-file.sh
envs:
- key: SSH_KEY_NAME
value: bob@bob-pc
filename: bob@bob-pc.pub
private_keys:
- toor@toor-pc.ed25519.key

25
templates/authorized_keys.j2
View File

@@ -3,9 +3,26 @@
# {{ ansible_managed }}
#
{% for authorized_key in unix_user.value.ssh.authorized_keys %}
{% if authorized_key.command is defined and authorized_key.command | length > 0 %}
command="{{ authorized_key.command }}" {{ lookup('file', 'ssh/authorized_keys/' + authorized_key.filename ) }}
{% else %}
{% set _args = [] %}
{% if authorized_key.command is defined and authorized_key.command | length > 0 %}
{% set _args = _args + [ "command=\"" + authorized_key.command + "\"" ] %}
{% endif %}
{% if authorized_key.envs is defined %}
{% set ns = namespace(envs=[]) %}
{% for environment in authorized_key.envs %}
{% if environment.key is defined and environment.key | length > 0 and
environment.value is defined and environment.value | length > 0
%}
{% set ns.envs = ns.envs + [ environment.key + "=" + environment.value ] %}
{% endif %}
{% endfor %}
{% if ns.envs | length > 0 %}
{% set _args = _args + [ "environment=\"" + (ns.envs | join(',')) + "\"" ] %}
{% endif %}
{% endif %}
{% if _args | length > 0 %}
{{ _args | join(',') }} {{ lookup('file', 'ssh/authorized_keys/' + authorized_key.filename ) }}
{% else %}
{{ lookup('file', 'ssh/authorized_keys/' + authorized_key.filename ) }}
{% endif %}
{% endif %}
{% endfor %}