diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2020-06-01 03:58:57 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2020-06-01 03:58:57 +0200 |
| commit | 51c9458c77f872a56a0635e7fda9d806f3662a32 (patch) | |
| tree | b556009962fc0a38a85baf475694f35ee2b9760d /inventory/group_vars | |
| parent | add cpu-microcode role (diff) | |
major refactoring of users database
Diffstat (limited to 'inventory/group_vars')
| -rw-r--r-- | inventory/group_vars/all/main.yml | 10 | ||||
| -rw-r--r-- | inventory/group_vars/all/users.yml | 47 | ||||
| -rw-r--r-- | inventory/group_vars/chaos-at-home/main.yml | 6 | ||||
| -rw-r--r-- | inventory/group_vars/ele-ap/main.yml | 4 | ||||
| -rw-r--r-- | inventory/group_vars/ele-dolmetsch-raspi/main.yml | 5 | ||||
| -rw-r--r-- | inventory/group_vars/ele-ups/main.yml | 4 | ||||
| -rw-r--r-- | inventory/group_vars/realraum/main.yml | 2 | ||||
| -rw-r--r-- | inventory/group_vars/skillz/main.yml | 11 |
8 files changed, 51 insertions, 38 deletions
diff --git a/inventory/group_vars/all/main.yml b/inventory/group_vars/all/main.yml index 61e78fe5..4fc2198b 100644 --- a/inventory/group_vars/all/main.yml +++ b/inventory/group_vars/all/main.yml @@ -6,7 +6,15 @@ global_cache_dir: "{{ inventory_dir }}/../.cache" # Directory for static assets global_files_dir: "{{ inventory_dir }}/../files" -ssh_keys_root: "{{ ssh_keys.equinox[env_group] }}" +ssh_users_root: + - equinox +ssh_keys_root: "{{ ssh_users_root | default([]) | map('extract', users) | map(attribute='ssh') | flatten | list }}" + +admin_users_host: [] +ssh_allowusers_host: "{{ admin_users_host }}" + +admin_users_group: [] +ssh_allowusers_group: "{{ admin_users_group }}" apt_repo_provider: default diff --git a/inventory/group_vars/all/users.yml b/inventory/group_vars/all/users.yml index c256ee0a..3d81e8f6 100644 --- a/inventory/group_vars/all/users.yml +++ b/inventory/group_vars/all/users.yml @@ -1,25 +1,32 @@ --- -equinox_user: - name: equinox - password: "{{ vault_equinox_password }}" - shell: /bin/zsh - ssh_keys: "{{ ssh_keys.equinox[env_group] }}" +users: + equinox: + ssh: "{{ ssh_key_map.equinox[env_group] }}" + + dan: + ssh: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCqYaVxQQRFs4XFboiZybRRkVXc8ONsH+1Af+05COaJXetGOH/BoZH+6R4tJ5N8hF2K5gkAwk3qI4P/Z7vrgLK0AD9zAClqLqd41/CfKy40kaDc8C2oTg0lQJuaoZcNHmkFTZZOcPsf12XemOCwx016d5F03t6KRQtho3vmZZAaRbGNRESDf99RWhU8yQ9XoV0IDmXF3psooTNwpLthVMQBEjLio7bN3oe656nKmtHWz8v2vVVfD8tI4RRw8bbO1WQ7WjMg0m4Dr7ylmcej3RnplzyJA1s3Ll4F0yvmFPlEB2p4vjLCxm4kClVyBSplskA7uu65pX1zmFs81JjpHokW0X3t2myYW31fa1vLxFFpJWAAMlZnkMUB7+q2HYyJDE9Pz9LcI6tDg7PofzGa62YympJ8AXgQC4ltzKm2Zl9mHNpql8O0GjoX69g/E86sKuaxycZfJFskY4mpuuy0mcginwhotylKv52AjfuvYl0VQjGWmwWiutCjbSVrMCKmTwbwtshQ5Zv6oyv5w4vYnSgfN+SpwtVYpywdksbLYrHNvVjs8iVac/sXXKHxL4NHlPOCmgJMIXu8THRpw8rhWYgK94hmQ6St9J4jv8iZaN+4FR6gwbm65N7vzH6nCy+GH0/HykS4siLr8Hl7w93q9e6A6Of7C2RnI/tDaACh2SZuGQ== dan@dan777 + + brt: + ssh: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3RtIKWtiV9OsqiTBo4r+2H0deWv5HM3xS3ovekjypYF1fw+mqd4ELA6VcRKNgGROInZfPuPUOuJtsWcHDsNrInZuj9a6AmgbTyrJcfY61PKPELg54OVeAEw9EiWK03jnphQ9sSlMxFqGfypH+s7WfyKVqxNc+z5pLEkkOlin/A3ShaHZehO2v36xPRaXvhyxzrHG7jVDCL+5tc6r9kIyhaDORXj/UZGwxE9MBIQRzNrbW0r3cbSyeoHKUGBzjg99ujNpOIegnlTol9/pANfn4ElHko+gOjhyM7nylo+WayXfeCbtV3pwr0GPvy0snjGG4E+e6oE1+l+xKHKlg4A4c2axMYqp8OyumsmIVT1nmarkivwTxEqOBqmIXuWsgumcZ1RaCJ5BxlIdzjkpjw9Gy0hNAnnEfzjWy91w+/pYW6YnVhlNevA0BM9kPwGqELOyhfBAckM6UCJVWx69MVzrl6my06EfmY4rmlFM3B0kAsMw1ThWW84S1lc5GckDdxkrz9sYeWVeAyxvyoZgmUcQ7OjWG9IRz578SucXnv1O47xSYh0RnwNIl34yTHUFxXsxw7RdZDPcEbk+ZSk4c67yoRup9CXhw1rPTvEFRYfMLr0cBtR9fiwu5StwwzvMsJNpZ/QMPthLYpUNePjwPINWZu6VCN56PKjRxMesNDvSt1Q== brt@fdread + + datacop: + ssh: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+KjkOctp2vwQxjJxwAjo2X139WrVj9Krx9cqGItj02rvbo5tSGuQ7HTfBOlB0ezZG2kLAS+kK5Gt3d2qyZo63Cn3XnfK8opGWxEbcBDbN/HrjAUjPUZG/Se5nOYBWvTKpLNe9+BG7CXpohh31u+gwZTXu1y0sXaS8Xi7z8J/v/3UtmHdrq+OuO4IakAnxgt2zGV/V7Gwga5Gkym0M3UjEYmz9ATMr49S6EeWG5/7Fpraxo6sWXK/sDCnU6vyHZxTMhQwAKzpG8wBjTj8b+ThIAu2PpliJSdi89HKD0ag0hvgYkJoZ81j6mGnNOROA6yU5r2hJXbp3BvqR5PJbXmBkP37ZHS9nYwPuRrNbB7+RKQ3Wqt1KvLCpRysu8IOyRgADtR8YNYlRhzg/cIYR0WwqGW82bbfX3MQ1EpyogyO30iZmIo7dF4Lnl46zwHQYK3rjizagjOScm3BbzswRPzeqoITJ5CBC0CMEW6/WtIc6M15R/9gkHt7Gfk9UZQBmOW+nqnDlBpaIqEZMKWUDl9jdRNTCEEq3o8wOP6CLdSBRHg7EdbEztjMOl8kEry7xxNu0o5jNpX8q9JgL82j/7pgMP5shqPcjxLFe4PwzgDdtYA83vu4GVYeukOrN/nYeMGBSMpEYzrNIz6MFtO+A2sQPBkGWd6w8REIGRbCJGcoxZw== datacop@wireloss.net -dan_user: - name: dan - password: "{{ vault_dan_password }}" - shell: /bin/zsh - ssh_keys: "{{ ssh_keys.dan }}" + nhg: + ssh: + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMd1se9DUnMWXjF4a770J4rl6L9zFmNKc7TzN0hsapUS bene@klapprechner -brt_user: - name: brt - password: "{{ vault_brt_password }}" - shell: /bin/zsh - ssh_keys: "{{ ssh_keys.brt }}" +user_passwords: + equinox: "{{ vault_equinox_password }}" + dan: "{{ vault_dan_password }}" + brt: "{{ vault_brt_password }}" -ssh_keys: +ssh_key_map: equinox: chaos-at-home: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDL8afqxWieebpxezBuLj2CIx/iAuTY9ziJt8JCJE0qYh+B2wXe9e+sPaKwz5yyS0X0MoEPHbYuVytxGQfGhdVR57gWWTYq5MBBFEqmu5MexAFKlNxad4TNQQwhs7rnI+lptKJO+rqeG/vaQBgao+61ZVwRR5Zr1zsXEoo5m4VB8VPo3TW0nSb97LdMyUmb1TaqDKJ5hrtrV6YcokXzE8FwHMK15oJsuJC7YUReijol3hGsRVw1H5S1zu4uDz7G32dPVxoLOPgupnf0SxnXdNVfNU50MHHSK68HzBXz4/rE1YLacRPloOhO7xegkWd5KGa09opEbUGzGu/lSXgHuAJpPgloy14cehDhLJ7F7SbXK4QBBtVgV+1CYXG2eJsRHIdkWiTWLuG+QZ4oEFLjQBjWpUYsEiDt9FEtSVCtKH2vBk26ps5yIoSCtYq6POvg9miGgcpQA6HHwh5ekVUaKRGWuMdAIvjvQSlCsFjYkxD1NpCgU1RhyWWTI3xTSKzTxcXiCWWZoBDJVoW46EpSvySsOpxL/hLxJwMR8ouc6cPRZZl3m51824Rv3LdEXNBmn3vnojzIvrOed3sxpD0+7+tbA4J1uTbAxtkOMhK94WXKiUAOD7e5bJYdzajvDD2T9tkj/Mqdo8z3iR2/yjkGMEAeWWVOQEh7QhQS7OFEAKK4fw== equinox@chaos-at-home.org @@ -33,11 +40,3 @@ ssh_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDUW4fz/Vs4w5JMIFxoftimcbkqksZPDMfbHH/wfPKFAfJdi+fdGfWqqP7hy2/1iREF5W0L5dz9zQus0xS1/kkneUUL3CCKBD3+VzZqIbhy5rMlifd+jacVV+UZGhl/WP/wagu4+Mv0/ksXIlN6/2Pv2+ojjpGeCv4FHG/kR68zKoKNLxjHiTKt3LM9AFtx3Pn3ghIO3egbzaQ8vnTdQjGJHiosfKxiGZfnkAWvrMMq1sCJUJS7A8n2S3QUjoap3OYrVqFcPO4R/VaCaBWVdSKrymnpOGABvP9QuGenZ0CFXgl+p5QwKJz7n3CQHooUai+FPmmrCmtRV1QICyON8vdNI4hU5O1ksZOYxa0vptfqd//FMyauek5JzCDr4ExOWaZvhGsvZdLuWwiN/8KwpsgY+duiqWVC9jCOymFBPQ0Qik1hjCLXUWxDKcJIpF3WfHaHPESAlmNCKPbH5X7oBDOI5k96J34vDl1cBLjcVydtwfwbJmbApOMz3IukoUlYusbvLo2bJicHolkNrlS6qcSbaPpKsrjZ5II0Fks/S39q5rE//nVsY5oE35Gm5Pb7gndSuo/l01WOANYmKuYiwUz/XC62fis7fxiCxmLPMG3PIym7E3pe+lTjSOI3SN24cgwArDEvGZhqeyOHN468Yt8mPersXvY/cUMS1XFvLadtnw== equinox@mur.at realraum: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDj7AcnQZCRihToOI7/L5YslP4bkZlZwR2dg6hV8EfQ+37z1p0imhoqc2Oz/zIEgOVARBHkn5XmfR9Bu6e3YfKpXpJXC9O3jpRSw34Xac/8qXzWZsqVAXbtzvBlYA/G4j0NQM9XIVBa1ZzBZu87xeE4KUWzO80fnQ+G3GSBp28BM4TUiSOmX9y58chPZfUp2DE80fInoXv11ikLLCBDXfMkzFCZ4Gcexhr0TYcBUgLV7ufL0xqLg4yE+Z21PLtttvVYgZIers2nWetLPoREi5yDGKeCjJVyT00X2rp6h3eFkc/VaHfb5c2MY9/4BOt+cbFCx73sG0C1SnSzWd624K/8CEoJTsX4MazLLrxwi3hIwiYX1mCCfq4+S4PpSFvMUGdMWB52PkBRXulQislCVBA/lzma93xJr1jWVFSikjkvAUt8Zt33vHMRd7RMYDfsDVIEKpUT49cBj0v7zs6IVE858J33sUZoVXaiA2sjsap8RguNtjJMSYx8+nwkQAjxwlTiV2J6pHGQHJDyeVsqGlnMpEk32ZeSs/BQ7XWPG62FT3SN6E4C/fa8dawvs7RgY0cbZkhucECBu9Zto/KakIhzLtFzgDighPmK5SlAPoNEJLJYPo5ry2SBTysc4uV7xYZSQ6OVofeQeFXKL8oPe/ZAvKafn3Zk0mQcCtH0Z8q8iQ== equinox@realraum.at - datacop: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+KjkOctp2vwQxjJxwAjo2X139WrVj9Krx9cqGItj02rvbo5tSGuQ7HTfBOlB0ezZG2kLAS+kK5Gt3d2qyZo63Cn3XnfK8opGWxEbcBDbN/HrjAUjPUZG/Se5nOYBWvTKpLNe9+BG7CXpohh31u+gwZTXu1y0sXaS8Xi7z8J/v/3UtmHdrq+OuO4IakAnxgt2zGV/V7Gwga5Gkym0M3UjEYmz9ATMr49S6EeWG5/7Fpraxo6sWXK/sDCnU6vyHZxTMhQwAKzpG8wBjTj8b+ThIAu2PpliJSdi89HKD0ag0hvgYkJoZ81j6mGnNOROA6yU5r2hJXbp3BvqR5PJbXmBkP37ZHS9nYwPuRrNbB7+RKQ3Wqt1KvLCpRysu8IOyRgADtR8YNYlRhzg/cIYR0WwqGW82bbfX3MQ1EpyogyO30iZmIo7dF4Lnl46zwHQYK3rjizagjOScm3BbzswRPzeqoITJ5CBC0CMEW6/WtIc6M15R/9gkHt7Gfk9UZQBmOW+nqnDlBpaIqEZMKWUDl9jdRNTCEEq3o8wOP6CLdSBRHg7EdbEztjMOl8kEry7xxNu0o5jNpX8q9JgL82j/7pgMP5shqPcjxLFe4PwzgDdtYA83vu4GVYeukOrN/nYeMGBSMpEYzrNIz6MFtO+A2sQPBkGWd6w8REIGRbCJGcoxZw== datacop@wireloss.net - dan: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCqYaVxQQRFs4XFboiZybRRkVXc8ONsH+1Af+05COaJXetGOH/BoZH+6R4tJ5N8hF2K5gkAwk3qI4P/Z7vrgLK0AD9zAClqLqd41/CfKy40kaDc8C2oTg0lQJuaoZcNHmkFTZZOcPsf12XemOCwx016d5F03t6KRQtho3vmZZAaRbGNRESDf99RWhU8yQ9XoV0IDmXF3psooTNwpLthVMQBEjLio7bN3oe656nKmtHWz8v2vVVfD8tI4RRw8bbO1WQ7WjMg0m4Dr7ylmcej3RnplzyJA1s3Ll4F0yvmFPlEB2p4vjLCxm4kClVyBSplskA7uu65pX1zmFs81JjpHokW0X3t2myYW31fa1vLxFFpJWAAMlZnkMUB7+q2HYyJDE9Pz9LcI6tDg7PofzGa62YympJ8AXgQC4ltzKm2Zl9mHNpql8O0GjoX69g/E86sKuaxycZfJFskY4mpuuy0mcginwhotylKv52AjfuvYl0VQjGWmwWiutCjbSVrMCKmTwbwtshQ5Zv6oyv5w4vYnSgfN+SpwtVYpywdksbLYrHNvVjs8iVac/sXXKHxL4NHlPOCmgJMIXu8THRpw8rhWYgK94hmQ6St9J4jv8iZaN+4FR6gwbm65N7vzH6nCy+GH0/HykS4siLr8Hl7w93q9e6A6Of7C2RnI/tDaACh2SZuGQ== dan@dan777 - brt: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3RtIKWtiV9OsqiTBo4r+2H0deWv5HM3xS3ovekjypYF1fw+mqd4ELA6VcRKNgGROInZfPuPUOuJtsWcHDsNrInZuj9a6AmgbTyrJcfY61PKPELg54OVeAEw9EiWK03jnphQ9sSlMxFqGfypH+s7WfyKVqxNc+z5pLEkkOlin/A3ShaHZehO2v36xPRaXvhyxzrHG7jVDCL+5tc6r9kIyhaDORXj/UZGwxE9MBIQRzNrbW0r3cbSyeoHKUGBzjg99ujNpOIegnlTol9/pANfn4ElHko+gOjhyM7nylo+WayXfeCbtV3pwr0GPvy0snjGG4E+e6oE1+l+xKHKlg4A4c2axMYqp8OyumsmIVT1nmarkivwTxEqOBqmIXuWsgumcZ1RaCJ5BxlIdzjkpjw9Gy0hNAnnEfzjWy91w+/pYW6YnVhlNevA0BM9kPwGqELOyhfBAckM6UCJVWx69MVzrl6my06EfmY4rmlFM3B0kAsMw1ThWW84S1lc5GckDdxkrz9sYeWVeAyxvyoZgmUcQ7OjWG9IRz578SucXnv1O47xSYh0RnwNIl34yTHUFxXsxw7RdZDPcEbk+ZSk4c67yoRup9CXhw1rPTvEFRYfMLr0cBtR9fiwu5StwwzvMsJNpZ/QMPthLYpUNePjwPINWZu6VCN56PKjRxMesNDvSt1Q== brt@fdread - nhg: - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMd1se9DUnMWXjF4a770J4rl6L9zFmNKc7TzN0hsapUS bene@klapprechner diff --git a/inventory/group_vars/chaos-at-home/main.yml b/inventory/group_vars/chaos-at-home/main.yml index 5c50797f..b0322c81 100644 --- a/inventory/group_vars/chaos-at-home/main.yml +++ b/inventory/group_vars/chaos-at-home/main.yml @@ -1,9 +1,7 @@ --- zsh_banner: chaos-at-home -admin_user_group: -- "{{ equinox_user }}" - -ssh_allowusers_group: "{{ admin_user_group | map(attribute='name') | list }}" +admin_users_group: + - equinox acmetool_account_email: admin@chaos-at-home.org diff --git a/inventory/group_vars/ele-ap/main.yml b/inventory/group_vars/ele-ap/main.yml index f585fb4b..d59e12fc 100644 --- a/inventory/group_vars/ele-ap/main.yml +++ b/inventory/group_vars/ele-ap/main.yml @@ -1,5 +1,7 @@ --- -ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.datacop }}" +ssh_users_root: + - equinox + - datacop network_mgmt_zone: "{{ network_zones.mgmt }}" diff --git a/inventory/group_vars/ele-dolmetsch-raspi/main.yml b/inventory/group_vars/ele-dolmetsch-raspi/main.yml index 6203d845..c440e448 100644 --- a/inventory/group_vars/ele-dolmetsch-raspi/main.yml +++ b/inventory/group_vars/ele-dolmetsch-raspi/main.yml @@ -1,2 +1,5 @@ --- -ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.datacop + ssh_keys.nhg }}" +ssh_users_root: + - equinox + - datacop + - nhg diff --git a/inventory/group_vars/ele-ups/main.yml b/inventory/group_vars/ele-ups/main.yml index 04165a14..4758804e 100644 --- a/inventory/group_vars/ele-ups/main.yml +++ b/inventory/group_vars/ele-ups/main.yml @@ -1,5 +1,7 @@ --- -ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.datacop }}" +ssh_users_root: + - equinox + - datacop network_mgmt_zone: "{{ network_zones.funkfeuer }}" diff --git a/inventory/group_vars/realraum/main.yml b/inventory/group_vars/realraum/main.yml index 57c97453..8329f99a 100644 --- a/inventory/group_vars/realraum/main.yml +++ b/inventory/group_vars/realraum/main.yml @@ -1,2 +1,2 @@ --- -ssh_keys_root: "{{ ssh_keys.equinox.realraum }}" +ssh_keys_root: "{{ ssh_key_map.equinox.realraum }}" diff --git a/inventory/group_vars/skillz/main.yml b/inventory/group_vars/skillz/main.yml index 91b5a2dd..83765f7b 100644 --- a/inventory/group_vars/skillz/main.yml +++ b/inventory/group_vars/skillz/main.yml @@ -1,11 +1,12 @@ --- zsh_banner: skillz -admin_user_group: -- "{{ equinox_user }}" -- "{{ dan_user }}" +ssh_users_root: + - equinox + - dan -ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.dan }}" -ssh_allowusers_group: "{{ admin_user_group | map(attribute='name') | list }}" +admin_users_group: + - equinox + - dan acmetool_account_email: equinox@spreadspace.org |