Merge pull request #9 from mvdriel/make-mode-configurable

tersmitten · tersmitten · commit be4e71bd49c9 · 2015-07-09T23:41:18.000+02:00
Make UNIX permission mode bits configurable for public and private keys
diff --git a/README.md b/README.md
@@ -13,13 +13,15 @@ None
 * `ssh_keys_private_keys`: [default: `[]`]: Private key declarations
 * `ssh_keys_private_keys.{n}.owner`: [required]: The name of the user that should own the file
 * `ssh_keys_private_keys.{n}.group`: [optional, default `owner`]: The name of the group that should own the file
+* `ssh_keys_private_keys.{n}.mode`: [optional, default `0600`]: The UNIX permission mode bits of the file
 * `ssh_keys_private_keys.{n}.src`: [required]: The local path of the key
 * `ssh_keys_private_keys.{n}.dest`: [optional, default: `id_rsa`]: The remote path of the key (relative to `home/.ssh/`)
 * `ssh_keys_private_keys.{n}.state`: [optional, default: `present`]: State
 
 * `ssh_keys_public_keys`: [default: `[]`]: Public key declarations
 * `ssh_keys_public_keys.{n}.owner`: [required]: The name of the user that should own the file
 * `ssh_keys_public_keys.{n}.group`: [optional, default `owner`]: The name of the group that should own the file
+* `ssh_keys_public_keys.{n}.mode`: [optional, default `0644`]: The UNIX permission mode bits of the file
 * `ssh_keys_public_keys.{n}.src`: [required]: The local path of the key
 * `ssh_keys_public_keys.{n}.dest`: [optional, default: `id_rsa.pub`]: The remote path of the key (relative to `home/.ssh/`)
 * `ssh_keys_public_keys.{n}.state`: [optional, default: `present`]: State
diff --git a/tasks/private-keys.yml b/tasks/private-keys.yml
@@ -6,7 +6,7 @@
     dest: "~{{ item.owner }}/{{ ssh_keys_sshdir }}/{{ item.dest | default(ssh_keys_private_key_filename) }}"
     owner: "{{ item.owner }}"
     group: "{{ item.group | default(item.owner) }}"
-    mode: 0600
+    mode: "{{ item.mode | default('0600') }}"
   with_items: ssh_keys_private_keys
   when: item.state is undefined or item.state == 'present'
   tags: [configuration, ssh-keys, ssh-keys-private-keys]
diff --git a/tasks/public-keys.yml b/tasks/public-keys.yml
@@ -6,7 +6,7 @@
     dest: "~{{ item.owner }}/{{ ssh_keys_sshdir }}/{{ item.dest | default(ssh_keys_public_key_filename) }}"
     owner: "{{ item.owner }}"
     group: "{{ item.group | default(item.owner) }}"
-    mode: 0644
+    mode: "{{ item.mode | default('0644') }}"
   with_items: ssh_keys_public_keys
   when: item.state is undefined or item.state == 'present'
   tags: [configuration, ssh-keys, ssh-keys-public-keys]
