First working commit

.gitignore

@@ -0,0 +1,3 @@
+.molecule
+__pycache__
+*.pyc

README.md

@@ -0,0 +1,56 @@
+SSH Keys
+=========
+
+Simplest role to map users with provided ssh keys.
+
+Requirements
+------------
+
+User to distribute the key to need to be already present
+
+Role Variables
+--------------
+
+Only two variables here:
+
+```yml
+# Default to clean
+ssh_keys_clean: True
+
+ssh_keys_user:
+  root:
+    - "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}"
+```
+
+Dependencies
+------------
+
+None
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: bastions
+      roles:
+         - role: j0lly.ssh-keys
+           ssh_keys_clean: False
+           ssh_keys_user:
+             user_a:
+               - https://place.to-store/keys
+               - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7"
+               - "ssh-rsa BBBBB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7"
+             admin_user:
+               - https://another.place.to-store/keys
+               - '{{ lookup("file", "path/to/keys") }}'
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

defaults/main.yml

@@ -0,0 +1,10 @@
+---
+# defaults file for ansible-role-ssh-keys
+# define if extenally set keys need to be erased
+ssh_keys_clean: True
+
+# based on user, define sources of keys
+# see http://docs.ansible.com/ansible/authorized_key_module.html for item types
+ssh_keys_user:
+  root:
+    - "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}"

handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for ansible-role-ssh-keys

meta/main.yml

@@ -0,0 +1,16 @@
+galaxy_info:
+  author: j0lly
+  description: very simple role to manage ssh pulic keys
+
+  license: BSD
+
+  min_ansible_version: 2.2
+
+  platforms:
+  - name: EL
+    versions:
+    - 7
+
+  galaxy_tags: ['ssh', 'infrastructure', 'base']
+
+dependencies: []

molecule.yml

@@ -0,0 +1,21 @@
+---
+dependency:
+  name: galaxy
+
+ansible:
+  verbose: vvv
+  playbook: tests/playbook-test.yml
+
+driver:
+  name: docker
+
+docker:
+  containers:
+    - name: test-ssh-keys
+      image: centos
+      image_version: 7
+      privileged: True
+      command: '/usr/lib/systemd/systemd'
+
+verifier:
+  name: testinfra

tasks/add_keys.yml

@@ -0,0 +1,9 @@
+---
+# tasks file for ansible-role-ssh-keys
+- name: Set authorized keys from items
+  authorized_key:
+    user: '{{ outer_item.key }}'
+    key: '{{ item }}'
+    state: present
+    exclusive: '{{ ssh_keys_clean }}'
+  with_items: '{{ outer_item.value }}'

tasks/main.yml

@@ -0,0 +1,6 @@
+---
+# tasks file for ansible-role-ssh-keys
+- include: add_keys.yml
+  with_dict: '{{ssh_keys_user}}'
+  loop_control:
+    loop_var: outer_item

tests/playbook-test.yml

@@ -0,0 +1,15 @@
+---
+- hosts: all
+  vars:
+    user_name: 'johnd'
+  pre_tasks:
+    - name: PRE - create test user
+      user:
+        name: '{{ user_name }}'
+  roles:
+    - role: ansible-role-ssh-keys
+      ssh_keys_user:
+        root:
+          - 'https://github.com/j0lly.keys'
+        '{{ user_name }}':
+          - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDmttIEinXN5+2J8g3V3XnVRshX9qllMNbHqGNT9x7glW5PsG1XUAKIjIvD5GfTEbqjxHuCuxXUuoUi/LsrQAGUO1hEnamsDZtczhWmoHiK8gzLW83qKIzXLsGEexzi7POnroRvjKNy2/koeigjY3+GcRXsJzwv0P4IaJMLi/aDvOhzLe00yiNQ6X+9Fdyp3n589e3k5H+A9BqROanoxuAA7ko0TGW52AHxM51doEofy4ySKqOj3M+vV5VwQNFmUFqa8WEnBYZ6k5eUL4ixJxY5TMzZfzWcOpIhI8+8WrnTmsDIB3t54VO3BeVW5hrG8W6oiwDVDvSDTpqklY2gmwI7"

tests/test_default.py

@@ -0,0 +1,12 @@
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    '.molecule/ansible_inventory').get_hosts('all')
+
+
+def test_hosts_file(File):
+    f = File('/etc/hosts')
+
+    assert f.exists
+    assert f.user == 'root'
+    assert f.group == 'root'

vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for ansible-role-ssh-keys