introduce ssh_users_root

[noc.git] / ansible / group_vars / all / main.yml

diff --git a/ansible/group_vars/all/main.yml b/ansible/group_vars/all/main.yml
index 90463fc..32a6b24 100644 (file)
--- a/ansible/group_vars/all/main.yml
+++ b/ansible/group_vars/all/main.yml
@@ -1,28 +1,21 @@
 ---
-user_groups:
-  noc:
-    - equinox
-    - gebi
-    - nicoo
-    - bernhard
+# Build-related directories
+global_artifacts_dir: "{{ inventory_dir }}/artifacts"
+global_cache_dir: "{{ inventory_dir }}/.cache"
 
-users:
-  equinox:
-    email: equinox@realraum.at
-    gpg:   0xD74907C9E64E6CED8FE3
+# Directory for static assets
+global_files_dir: "{{ inventory_dir }}/files"
 
-  gebi:
-    email: michael@mgeb.org
-    gpg:   0x6E302CF4D98B9702
+# Default credentials
+## Root password; by default, undefined
+root_password: "{{ vault_root_password }}"
+## SSH keys for root, default to NOC's
 
-  nicoo:
-    email: nicolas@braud-santoni.eu
-    gpg:   0x3F41B0739AAD91B7CDC0
-
-  bernhard:
-    email: xro@realraum.at
-    gpg:   0xE3468B9CE81EB4F91486
+ssh_users_root: "{{ user_groups.noc }}"
+## TODO: make this a filter_plugin...
+ssh_keys_root: "{{ ssh_users_root | map('extract', users) | map(attribute='ssh') | flatten | list }}"
 
+## TODO: not used at the moment?
 noc_groups:
   - adm
   - sudo