archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #554 from likwid/devel

Browse Source 
Added ability to use url as key source
reviewable/pr18780/r1
Brian Coca 10 years ago
parent 600fc15b42 27c046ae79
commit b9786835eb
1 changed files with 18 additions and 2 deletions
Show Stats Download Patch File Download Diff File

20
system/authorized_key.py
Unescape Escape View File

@ -37,7 +37,7 @@ options:
aliases: []
key:
description:
- The SSH public key, as a string
- The SSH public key(s), as a string or url (https://github.com/username.keys)
required: true
default: null
path:
@ -79,6 +79,9 @@ EXAMPLES = '''
# Example using key data from a local file on the management machine
- authorized_key: user=charlie key="{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
# Using github url as key source
- authorized_key: user=charlie key=https://github.com/charlie.keys
# Using alternate directory locations:
- authorized_key: user=charlie
key="{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
@ -97,6 +100,7 @@ EXAMPLES = '''
- authorized_key: user=charlie
key="{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"
key_options='no-port-forwarding,host="10.0.1.1"'
'''
# Makes sure the public key line is present or absent in the user's .ssh/authorized_keys.
@ -332,11 +336,22 @@ def enforce_state(module, params):
manage_dir = params.get("manage_dir", True)
state = params.get("state", "present")
key_options = params.get("key_options", None)
error_msg = "Error getting key from: %s"
# if the key is a url, request it and use it as key source
if key.startswith("http"):
try:
resp, info = fetch_url(module, key)
if info['status'] != 200:
module.fail_json(msg=error_msg % key)
else:
key = resp.read()
except Exception:
module.fail_json(msg=error_msg % key)
# extract individual keys into an array, skipping blank lines and comments
key = [s for s in key.splitlines() if s and not s.startswith('#')]
# check current state -- just get the filename, don't create file
do_write = False
params["keyfile"] = keyfile(module, user, do_write, path, manage_dir)
@ -418,4 +433,5 @@ def main():
# import module snippets
from ansible.module_utils.basic import *
from ansible.module_utils.urls import *
main()

Write Preview
Loading…
Cancel
Save