dustin
/
configpolicy
1
1
Fork 0
Code Issues Releases Activity

gw1: Enable pam_ssh_agent_auth for sudo 

This machine is _not_ a member of the _pyrocufflink.blue_ AD domain, so
it does not inherit the settings from that group.  Also, Jenkins does
not manage it, so only my personal keys are authorized.
frigate-exporter
Dustin 2024-01-28 12:15:18 -06:00
parent 6bad6dcb7a
commit 1bff9b2649
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
host_vars/gw1.pyrocufflink.blue/main.yml
View File

@ -13,3 +13,11 @@ nut_monitor_password: !vault |
3866663235393232320a386230346639643836623063373634383966663334626136313234333435 3866663235393232320a386230346639643836623063373634383966663334626136313234333435
33313038643935343635366365626630613365316233393536373232616563396636323064366631 33313038643935343635366365626630613365316233393536373232616563396636323064366631
3734346263623832396439386463323430323437643537623262 3734346263623832396439386463323430323437643537623262
sudo_use_pam_ssh_agent: true
sudo_authorized_ssh_keys: |
sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIF4yQAS0bAQ9Ymxgxv828MsX0z4ff/Fs//0PQOtPexRJAAAABHNzaDo= dustin@rosalina.pyrocufflink.blue
sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINal4+Gn/KuyP6YTsQuW4cphfDcjrS428osVIqnqMfagAAAABHNzaDo= dustin@luma.pyrocufflink.blue
# Default flags include -n, which makes Ansible complain about a "missing
# become password," even though it would never actually prompt for one.
ansible_become_flags: -H