fix(vars): enforce strict list-only DNS and user.key format for IaC compatibility

2026-02-12 21:50:55 +01:00
parent 673a9b6062
commit 67c320fcc2
4 changed files with 38 additions and 36 deletions
--- a/roles/configuration/tasks/users.yml
+++ b/roles/configuration/tasks/users.yml
@@ -26,12 +26,13 @@
    group: 1000
    mode: "0700"

- name: Add SSH public key to authorized_keys
+- name: Add SSH public keys to authorized_keys
  when: system_cfg.user.key | length > 0
  ansible.builtin.lineinfile:
    path: /mnt/home/{{ system_cfg.user.name }}/.ssh/authorized_keys
-    line: "{{ system_cfg.user.key }}"
+    line: "{{ item }}"
    owner: 1000
    group: 1000
    mode: "0600"
    create: true
+  loop: "{{ system_cfg.user.key }}"