Mirrors/ansible-collection-famedly-base
2
0
Fork 0
mirror of https://github.com/famedly/ansible-collection-base synced 2024-11-10 06:24:17 +00:00
Code Issues Projects Releases Packages Wiki Activity
ansible-collection-famedly-.../roles/dropbear_luks_unlock
History
Jan Christian Grünhage 9aaa8912d4
fix(dropbear_luks_unlock): resolve lints
2022-09-05 12:03:12 +02:00
..
defaults fix(dropbear_luks_unlock): resolve lints 2022-09-05 12:03:12 +02:00
handlers fix(dropbear_luks_unlock): resolve lints 2022-09-05 12:03:12 +02:00
tasks fix(dropbear_luks_unlock): resolve lints 2022-09-05 12:03:12 +02:00
vars fix(dropbear_luks_unlock): resolve lints 2022-09-05 12:03:12 +02:00
README.md fix(dropbear_luks_unlock): resolve lints 2022-09-05 12:03:12 +02:00

README.md

famedly.base.dropbear_luks_unlock ansible role

Usage

  • Specify authorized SSH keys in dropbear_authorized_keys: string[], which can then connect as root@{host} when dropbear is running.

  • Specify the network configuration in dropbear_ip_config as a dict with they keys { ip, gateway, netmask, hostname, interface }. Currently, only static IPv4 config is tested.

  • The default command to run on login in /bin/cryptroot-unlock - to override it, set dropbear_run_command accordingly.

Removal of SSH keys

  • In order to remove pubkeys, the SSH keys specified in dropbear_authorized_keys need to be dicts with a key and state key, where state is either present or absent.

  • Ommitting the state for implicit present is allowed, so is plainly specifying the key as a string directly.

dropbear_authorized_keys:
  - key: "<ssh_key_0>"
  - key: "<ssh_key_1>"
    state: present
  - key: "<ssh_key_2>"
    state: absent
  - "<ssh_key_3>"

Supported distros

  • Tested and verified with stock debian 10
  • Tested and verified with stock debian 11