user-git-server: Ckean-up and refactoring

progmaticltd · May 26, 2024 · 02569b6 · 02569b6
1 parent 5edf45d
commit 02569b6
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 10 deletions.
diff --git a/roles/user-git-server/tasks/base/facts.yml b/roles/user-git-server/tasks/base/facts.yml
@@ -5,7 +5,7 @@
   ansible.builtin.set_fact:
     cakey_passphrase: >-
       {{ lookup(creds.store, creds.prefix
-      + "/ssh/ca-passphrase" + creds.opts.create) }}
+      + "/ssh/server-keys-passphrase" + creds.opts.create) }}
   tags: facts
 
 - name: Filter the list of users to install / check / etc

diff --git a/roles/user-git-server/tasks/install/user-send-keys.yml b/roles/user-git-server/tasks/install/user-send-keys.yml
@@ -33,6 +33,16 @@
     ssh_files: '{{ lookup("ansible.builtin.fileglob", user_src_dir + "/*") | split(",") }}'
   tags: emails
 
+- name: Create the attachments folder
+  register: emails
+  ansible.builtin.file:
+    path: '{{ tmp_folder }}/attachments'
+    state: directory
+    owner: postmaster
+    group: postmaster
+    mode: '0700'
+  tags: emails
+
 - name: Copy all the files to send in the temporary folder
   register: emails
   ansible.builtin.copy:

diff --git a/roles/user-git-server/tasks/install/user-sign-key.yml b/roles/user-git-server/tasks/install/user-sign-key.yml
@@ -64,15 +64,6 @@
     ignore_timestamps: true
   tags: users, keys
 
-- name: Create user SSH configuration template for this key
-  delegate_to: localhost
-  become: false
-  ansible.builtin.template:
-    src: ssh-user.conf
-    dest: '{{ backup_directory }}/ssh/users/{{ user.uid }}/{{ key_file_name }}-ssh.conf'
-    mode: '0644'
-  tags: users, keys
-
 - name: Re-encrypt the key
   no_log: '{{ hide_secrets }}'
   delegate_to: localhost
@@ -84,3 +75,12 @@
     -f '{{ backup_directory }}/ssh/ca/ca.key'
   changed_when: true
   tags: ca, keys
+
+- name: Create user SSH configuration template for this key
+  delegate_to: localhost
+  become: false
+  ansible.builtin.template:
+    src: ssh-user.conf
+    dest: '{{ backup_directory }}/ssh/users/{{ user.uid }}/{{ key_file_name }}-ssh.conf'
+    mode: '0644'
+  tags: users, keys