I am pretty new to Ansible and this group, so just a quick “Hello” to everyone!
For my 1st questions I already got quick answers using IRC, but now I think a mail would be better.
The problem I have is the following: during the setup of virtual hosts I generate new users, with SSH key-pairs, and I checkout git repositories from our gitlab server.
For the git checkout we use deploy only keys. So I need to add the generated public SSH key from the special virtual host user to the project in gitlab.
I just wrote a little python script - as a proof of concept - to add a public SSH key to a project, so no bid deal at all.
But I have to specify either some credentials or a token for an administrative gitlab user, and I am stuck how to do this.
I came up with two strategies:
- Copy the python script, that installs the key in the project to the server, and pass the “secret” token using an environment variable to the script.
- Copy the public SSH key to the system, that excutes the playbook, and run the python script.
What I don’t like about the 1st approach is, that I have to install a python library (“pyapi-gitlab”), which isn’t really needed on the target server. Also I am not sure if my ideas are good practice.
So, do You have any suggestions (or pointers to best practices) what I should do?
Thanks in advance!
Regards,
Boris