Last active
October 15, 2020 18:12
-
-
Save akisvolanis/8955981 to your computer and use it in GitHub Desktop.
Upload ssh key to gitlab for deploy user with ansible
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
deploy_user_name: 'deployer' | |
# More info about password: http://docs.ansible.com/faq.html#how-do-i-generate-crypted-passwords-for-the-user-module | |
# password created with: python -c "from passlib.hash import sha512_crypt; print sha512_crypt.encrypt('example_password')" | |
deploy_user_password: <encrypted_password> | |
user_shell: "/bin/bash" | |
deploy_user_home: "/home/{{ deploy_user_name }}" | |
repo_api_token: <your_api_token> | |
repo_project_id: <your_project_id> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- name: Add deployment user | |
user: name={{ deploy_user_name }} password={{ deploy_user_password }} shell="/bin/bash" generate_ssh_key=yes state=present | |
- name: Add authorized deploy user key | |
authorized_key: user={{ deploy_user_name }} key="{{ lookup('file', '~/.ssh/id_rsa.pub') }}" | |
- name: Cat deployer's user public key | |
shell: "cat {{ deploy_user_home }}/.ssh/id_rsa.pub" | |
register: key_value | |
- name: Create ssh_key json | |
template: src=ssh_key.json.j2 dest={{ deploy_user_home }}/ssh_key.json group={{ deploy_user_name }} owner={{ deploy_user_name }} force=yes | |
- name: Cat deployer's user public key | |
shell: "cat {{ deploy_user_home }}/ssh_key.json" | |
- name: Upload deploy keys to gitlab | |
shell: "curl -X POST -H 'Accept: application/json' -H 'Content-type: application/json' -H 'PRIVATE-TOKEN: {{ repo_api_token }}' --data-binary @{{ deploy_user_home }}/ssh_key.json https://gitlab.com/api/v3/projects/{{ repo_project_id }}/keys" | |
- name: Install known_hosts file | |
copy: src=known_hosts dest={{ deploy_user_home }}/.ssh/known_hosts owner={{ deploy_user_name }} group={{ deploy_user_name }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{"id": "{{ repo_project_id }}","title" : "{{ app_name }}_deploy_key","key": "{{ key_value.stdout }}"} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
thanks for sharing :)