Instead of janking read-only git bullshit, how about we actually generate some keys?
This commit is contained in:
parent
e898ee97b4
commit
51869e069a
@ -11,7 +11,27 @@
|
||||
become: yes
|
||||
- name: Bootstrap user
|
||||
block:
|
||||
- name: Configure SSH keys
|
||||
- name: Generate keypair
|
||||
openssh_keypair:
|
||||
comment: "{{ user_username }}@{{ inventory_hostname }}"
|
||||
path: $HOME/.ssh/id_rsa
|
||||
mode: "0600"
|
||||
register: keypair
|
||||
- name: Register keypair with Gitea
|
||||
uri:
|
||||
url: "https://git.9iron.club/api/v1/user/keys"
|
||||
method: POST
|
||||
headers:
|
||||
accept: "application/json"
|
||||
Authorization: "token {{ gitea_api_token }}"
|
||||
body_format: json
|
||||
body:
|
||||
key: "{{ keypair.public_key }}"
|
||||
read_only: yes
|
||||
title: "{{ inventory_hostname }}"
|
||||
status_code: 201
|
||||
when: keypair is changed
|
||||
- name: Configure authorized hosts
|
||||
authorized_key:
|
||||
user: "{{ user_username }}"
|
||||
manage_dir: yes
|
||||
@ -30,16 +50,19 @@
|
||||
name: url."https://github.com/".insteadOf
|
||||
value: "git@github.com:"
|
||||
scope: global
|
||||
state: absent
|
||||
- name: Configure git SSH substitute for GitLab
|
||||
git_config:
|
||||
name: url."https://gitlab.com/".insteadOf
|
||||
value: "git@gitlab.com:"
|
||||
scope: global
|
||||
state: absent
|
||||
- name: Configure git SSH substitute for 9iron
|
||||
git_config:
|
||||
name: url."https://git.9iron.club/".insteadOf
|
||||
value: "git@git.9iron.club:"
|
||||
scope: global
|
||||
state: absent
|
||||
- name: Clone bootstrap script
|
||||
git:
|
||||
accept_hostkey: yes
|
||||
|
Loading…
Reference in New Issue
Block a user