| 1 |
I am currently trying to slim down and minimize my own few machines. |
| 2 |
|
| 3 |
Way too much customer servers out there so I'd like to keep it simple in |
| 4 |
here at least. |
| 5 |
|
| 6 |
This lead me to configuring and provisioning my machines via ansible. |
| 7 |
|
| 8 |
The goals: |
| 9 |
|
| 10 |
* make sure that my user exists |
| 11 |
* roll out configs/dotfiles/git-repos/home-dir |
| 12 |
* maybe roll out some system-configs as well (systemd-units, timers) / |
| 13 |
... separate ansible-role, OT here |
| 14 |
|
| 15 |
etc |
| 16 |
|
| 17 |
I have set up and maintained quite a list of bash-aliases to access my |
| 18 |
customer-servers in daily work. |
| 19 |
|
| 20 |
Something like: |
| 21 |
|
| 22 |
alias abcd-server='ssh -p 51023 174.183.26.11' # demo only |
| 23 |
|
| 24 |
This is based on ssh-pubkey-authentication, sure. |
| 25 |
|
| 26 |
My questions: |
| 27 |
|
| 28 |
* if I have a user X on each machine, should each userX@machine have its |
| 29 |
own ssh-pubkey? Or is it OK to roll out the same ~/.ssh to all machines? |
| 30 |
|
| 31 |
* same q for ~/.gnupg ... |
| 32 |
|
| 33 |
I can deploy the pubkeys to the servers via ansible, sure. |
| 34 |
But I would like to keep it simple. stupid. |
| 35 |
|
| 36 |
;) |
Archives