add limited user 'cd' able only to run 'rundeploy' (#1)
Reviewed-on: #1
This commit is contained in:
parent
e195228bdc
commit
d23fa03719
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
sshd__match_list:
|
||||
- match: 'User cd'
|
||||
options: |
|
||||
ForceCommand rundeploy
|
||||
|
|
@ -8,6 +8,13 @@ system_users__accounts:
|
|||
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHg8MUtkmTJ/klyDK3hqCHm8TTSOMqvtxuXaS/+EQRcTb9BaAajcpMDdpsPx9YHt04x4jsQiOdwV/gi0RRxdEf3lD9jjrGeTeb1gFjLeyttDu6zD0LrTa73Ly//ccN+TnFSnwSgJ+0eSzYJAQu3qIqTyKyBaWGMq1iNwlBQ42PnKSYvnz70qU25zCgVfgUohdeSawNYxYPdvKj4jA4NlVLcZScwk7cOTHZ0bBq2D2ksUsmNmPDKLI55xxKbgBT/7q4T2IKBZixKVA8B1meYDSZ/lUzDy+BlQU+EWjSiue62g/W4KnUBeea+0L91E3YLw0m8LPV/I8EvDnQWj24EyZtCneFxz3EuNyPudr61j0Ec95qFY//nH+HtTqxxa1GO02dtFstGWIvKHaMrU4vEYNpfkSDYHEhinAvT+2yJnj02TT4zEe/2S1u3ESh8y8Q+s2w0uiy0lYcslYrLtTLJhdp+7FTefd0P8v1xXlKTGRmxhsrWMg+VqZ78W3T2ncnNlKvvpOsTHaUNYu4nLCgPVdsc9ZcA7SnNXwfJf/M+h/9mi6/SuKQftwUdUbdTScCnftYrsF93/0bMcCVCZes1O/uCTDNJQEN1acNwie6kdXtAelwHip3d4xdgQgHOpxwvibZsQP5EqLJZOolD2rFzBkDoeo4vEjlFwYdZu4QtNAmaQ=='
|
||||
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1Z5/y24+GbZITmmjfrqLujsJnS+B1YgQB4GYj+aut/WvoCt51kZ0nmNDv9c23OOQvTm7XPt+tCJm1GA+Fa1X/UurImMn0aZwB7pGg8qRvJFtYYqQOoxkUtMs4IXrhiGwTKWKgXr4q+MZxqv5otf3uHszVGqT+VNeGpmJfwZV7CdT/vWXKKuO3CIgHypg0StgUZ4O8kEFDDGu/M+bBDMeStm8AeA2LpOBCP9IP75zvGgNrI0mTPJa/Wlx/GO1Nf4DWxZSZh5Wk+77QF0YSl4jT49A3g/D3187/EJafFukaeHMziMG+gz5ZRZOCs4HnA7a5A0CpfGindrJQmQyp+GugTlxA6NVmrqFOlr9KXfB6ZFPWqTmQKYR4F0IyP3OoLM1e8n/2yuXFeOPuvHXOSbDKkerjcjyRxDN1gdG8X8XNTy1/V51+OkVgMFNoDVc9Q9kZXdWL98IC1BavDArnQUyE3Zc+Ip2j66bM1c+zLNdyTpATlp1zhkkYw1K79i1ZNYqw9EoW4O6bciC/DFxZeKDEw73fCR7S1zAxT4IBbiCQ2dj1Wx44EjxbF0baiw679SlfxEkkZBplcRHeBeIrmQ5gaIceNu6RdR14wSqYhcPAQtz6hSpoGowEKvtHHrEqw4F+tNQ3nOMDkCw8my/9c4jl/loM69knuGBmk11ffNZFKQ=='
|
||||
|
||||
# a user with the minimum rights needed to deploy
|
||||
- name: 'deploy'
|
||||
admin: False
|
||||
shell: '/bin/rbash'
|
||||
sshkeys:
|
||||
- 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAklUXMRpOED6XlZg97a66P7HqYANkjvWfIL3/+w7AiV'
|
||||
|
||||
- name: 'arjan'
|
||||
admin: True
|
||||
sshkeys:
|
||||
|
@ -36,3 +43,4 @@ system_users__accounts:
|
|||
system_users__default_shell: '/bin/bash'
|
||||
|
||||
system_users__self_name: 'ansible-admin'
|
||||
|
||||
|
|
Loading…
Reference in New Issue