diff --git a/defaults/main.yml b/defaults/main.yml
index 1bfe6baa81cc73a29f42f28286ad946d809b9f36..48b3fd85872a5461049f824cb7d4a7da6cd2bb53 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -2,4 +2,3 @@
 # defaults file for deploy-key
 deploy_key_users:
 - nobody
- - root
diff --git a/tasks/main.yml b/tasks/main.yml
index b87e65d4d6480501b5bf4c4978592fb4f86d2a55..49367d2a63c4fa0b28bd7767c4fb89f9e5fe61ef 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -37,12 +37,17 @@
 name: git
 state: present
+- name: Get the nobody uid
+ command: id -u nobody
+ changed_when: False
+ register: deploy_key_nobody_uid
 - name: Copy the deployment key
 copy:
 content: '{{ deploy_key }}'
- owner: root
+ owner: '{{ deploy_key_nobody_uid.stdout.strip()|int -1 }}'
 group: deploy
- mode: 0o0440
+ mode: 0o0040
 dest: /etc/ssh/deploy.key
 - name: Configure SSH to use the deploy key
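Review bot: The new `owner:` on the "Copy the deployment key" task in tasks/main.yml resolves to nobody's uid minus one, and nothing in the hunk checks that this uid is unallocated on the target host. A file's owner can always chmod it, so any account that happens to hold that uid could give itself read access to /etc/ssh/deploy.key even though the new mode grants read to the group only. Presumably the numeric owner is there so that no user of the key is also its owner; if so, say that in a comment above the task and fail the play when the uid resolves to an account, as in the guard below. The added `id -u nobody` task also needs `check_mode: false`, because a command task is skipped in check mode and the template in `owner:` would then have no `stdout` to read.

```yaml
  register: deploy_key_nobody_uid

- name: Ensure the key owner uid is not assigned to any account
  command: getent passwd {{ deploy_key_nobody_uid.stdout | int - 1 }}
  register: deploy_key_owner_lookup
  changed_when: false
  # getent exits 0 only when the uid maps to an existing account
  failed_when: deploy_key_owner_lookup.rc == 0
  check_mode: false

# ... unchanged: "Copy the deployment key" task ...
```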