fix(configuration): guard user keys access to avoid dict.keys() method collision
This commit is contained in:
@@ -42,7 +42,7 @@
|
|||||||
no_log: true
|
no_log: true
|
||||||
|
|
||||||
- name: Ensure .ssh directory exists
|
- name: Ensure .ssh directory exists
|
||||||
when: (item.value['keys'] | default([]) | length) > 0
|
when: ('keys' in item.value) and (item.value['keys'] | length) > 0
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "/mnt/home/{{ item.key }}/.ssh"
|
path: "/mnt/home/{{ item.key }}/.ssh"
|
||||||
state: directory
|
state: directory
|
||||||
@@ -55,7 +55,7 @@
|
|||||||
label: "{{ item.key }}"
|
label: "{{ item.key }}"
|
||||||
|
|
||||||
- name: Deploy SSH authorized_keys
|
- name: Deploy SSH authorized_keys
|
||||||
when: (item.value['keys'] | default([]) | length) > 0
|
when: ('keys' in item.value) and (item.value['keys'] | length) > 0
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
content: "{{ item.value['keys'] | join('\n') }}\n"
|
content: "{{ item.value['keys'] | join('\n') }}\n"
|
||||||
dest: "/mnt/home/{{ item.key }}/.ssh/authorized_keys"
|
dest: "/mnt/home/{{ item.key }}/.ssh/authorized_keys"
|
||||||
|
|||||||
@@ -30,7 +30,7 @@
|
|||||||
that:
|
that:
|
||||||
- item.value is mapping
|
- item.value is mapping
|
||||||
- item.key | string | length > 0
|
- item.key | string | length > 0
|
||||||
- item.value['keys'] is not defined or (item.value['keys'] is iterable and item.value['keys'] is not string)
|
- ('keys' not in item.value) or (item.value['keys'] is iterable and item.value['keys'] is not string)
|
||||||
fail_msg: "Each system.users entry must be a dict keyed by username; 'keys' must be a list."
|
fail_msg: "Each system.users entry must be a dict keyed by username; 'keys' must be a list."
|
||||||
quiet: true
|
quiet: true
|
||||||
loop: "{{ system.users | dict2items }}"
|
loop: "{{ system.users | dict2items }}"
|
||||||
|
|||||||
Reference in New Issue
Block a user