From b14d2c40a40fffee70b47a3258c12eaf589fead4 Mon Sep 17 00:00:00 2001
From: Ricard Illa <ricard@trkkn.com>
Date: Fri, 2 Sep 2022 17:04:12 +0200
Subject: [PATCH] feat: remove authorized_keys files, no longer needed thanks
 to ssh user certificates

---
 roles/users/files/public_keys/ansible    |  1 -
 roles/users/files/public_keys/woodpecker |  1 -
 roles/users/files/public_keys/yubikey    |  1 -
 roles/users/tasks/ansible.yml            | 10 ----------
 roles/users/tasks/rilla.yml              |  9 ---------
 roles/users/tasks/woodpecker.yml         | 10 ----------
 6 files changed, 32 deletions(-)
 delete mode 100644 roles/users/files/public_keys/ansible
 delete mode 100644 roles/users/files/public_keys/woodpecker
 delete mode 100644 roles/users/files/public_keys/yubikey

diff --git a/roles/users/files/public_keys/ansible b/roles/users/files/public_keys/ansible
deleted file mode 100644
index 422c610..0000000
--- a/roles/users/files/public_keys/ansible
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCpMZP3Oa6Ky6rEGoo9dEWqDk3d1iX5Cjgug5TBxvmS0NV82wx8t3w9Lbt2LOLuEHY5HjRxdIwCslt3YSy73qYCVCGCRVADRPsg6Hfhxf9xeAs5PAQ0Y0Ig90XcTWh9wm43ahOFX6Pr2DBkSO88fUbbhVr99jyMppOOo1MzJLzreU90hJ+0f8pMWVjc/X6M3ukivseeT26sACq+RLPAB+xCOakQC6ILP5ICZuu+uqGyXr8dziz+XPnwbXTO76vwxvA+svFB/lC+EkAb0TGc7pW7yhXCKBFtKCuQyJ14OGzqm0x1YkLaS/ZBK3MFBAp1rH9JsyT5uxzUO81LJSUcfFnNzerrLSZulF1RxVw0ElvafEnZIOu8qQYzREOmR2azw3LAcefvocaBHmc1fB5ppLD6vY+8hqYgBMt6qLiaB8fhwh/Yt2EOwvflMiu9h6J9hwAuQnGEo46N04rFHZR1mat/VUwyiMlJRdFWcV2hH4Ngy2d9Jx1rXmo2I2V5EpGSTjU= ansible user
diff --git a/roles/users/files/public_keys/woodpecker b/roles/users/files/public_keys/woodpecker
deleted file mode 100644
index 4bbf350..0000000
--- a/roles/users/files/public_keys/woodpecker
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDl+gVOUm8Tiy8rZfYgNs/K5FCcc8euD07ZZjzv0HgDxbvsV8NkXg8L0yktLqJwN0xSfjpX3lratPBak4fC0O5DEnRfnQVoKI1pWAvfE1WQsl5+a5w1rhHseMb7iiTOwxiFTbChflo7TFLC5sH1brYzb4wsyoioBfd0u2EWITnCeg3PnEw71f6xyP0cCexXmWcAjPuNSyoEOSGfip0+rkyaTp+0uQle0QU6NWcxhDhl/sUGyAn1wK681tMeek3rG4ec5nK0i6Z61SBSp4rFLcLpIIfOYxf89J+s25ldfGPrWHxn5RrTmwQHYZtI9mR9EnDa+gZ7PFxtp5rg18gdBhY+9ZEBgVFCSOjJ9rbtVB/eA+8/Hc/8YlI+64yW8PJ8QSWzmd53EA/27pbred2MyqxAuu+w8LbrUAKaHEDmMjw5R+zcDTlOJuuOoaN7ivwi1HPHcur7LBiMUzfmXRPDXt6uqfsjM9bwYQt6VsOldr6ftkdVZomx4YH3jsGRogR42LE= woodpecker ci
diff --git a/roles/users/files/public_keys/yubikey b/roles/users/files/public_keys/yubikey
deleted file mode 100644
index 151116c..0000000
--- a/roles/users/files/public_keys/yubikey
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDaiwmnSKC4DpznZlode1987DvGVLWqkvDZXZ6ey/LOZhRHvNnr5lP4Ke034R17mHHuTlzzuTKUKTN6JcIxBURGUwjWgNQO5z+7SapdOvPpw7M8wOlgp92CbIMiE/tReNbUi2e584Y5NR4tMCQm+FPvQ7c7nY/WoxJ6VSiKBbXzN+IrB9H6ZAVyfAlzHpxhwXeuP5xFwTtapzyzyc4phvuIhbXUc9NOZHXwoAR2La/0TVOgDyktEmCq6aGet03Azz6KPRptdnf4g9V3u8YivccXfd9WTrJr9fj1fWjDU9bBKVU6GtdcSwfqKwa6X4sQIZfONKvVEfqbIIEB70FsXHcdfnm3EN5L1PWbC441Q8bB1zvu/GnlXTlxDFmzByxnbLWTSPLuQyKq5sv9va8Jl9QEVpS3qWJbPHYBTevgboTExyLmpEfsCI+Of86Oxb8PNjyhX1/oWiy8S3w+5oQgAb+yNfSVPnX7CO4oGQhnttoXHA94LzxArYr9zZIp2asRMlc4VVWVH/jQ4FdLDjvKNARYiytOplZBPvFOHJiGb/rfjZKbMPPE+3V1WQPZ6B2nlWN5QxTpnLgTQnONr5rlSrvzFPY8BISUAYcdOCErG4agHDkHFZqWn8u+51wUZUnXo4NI+rty4Nzmc/kPfqWyv/8mSJfihidfuuHGEEzCk1qVdQ== cardno:11 073 199
diff --git a/roles/users/tasks/ansible.yml b/roles/users/tasks/ansible.yml
index e2d2589..2fc715b 100644
--- a/roles/users/tasks/ansible.yml
+++ b/roles/users/tasks/ansible.yml
@@ -22,20 +22,10 @@
     group: ansible
     mode: '2755'
 
-- name: set ansible's authorized keys
-  authorized_key:
-    user: ansible
-    key: '{{ item }}'
-    path: /var/lib/ansible/.ssh/authorized_keys
-  with_file:
-    - public_keys/yubikey
-    - public_keys/ansible
-
 - name: commit ansible's home to lbu
   lbu:
     include:
       - /var/lib/ansible
-      - /var/lib/ansible/.ssh/authorized_keys
     exclude:
       - /var/lib/ansible/.ansible
       - /var/lib/ansible/.ash_history
diff --git a/roles/users/tasks/rilla.yml b/roles/users/tasks/rilla.yml
index d900714..e172bb9 100644
--- a/roles/users/tasks/rilla.yml
+++ b/roles/users/tasks/rilla.yml
@@ -31,19 +31,10 @@
     group: rilla
     mode: '2755'
 
-- name: set rilla's authorized key
-  authorized_key:
-    user: rilla
-    key: '{{ item }}'
-    path: /home/rilla/.ssh/authorized_keys
-  with_file:
-    - public_keys/yubikey
-
 - name: commit rilla's home to lbu
   lbu:
     include:
       - /home/rilla
-      - /home/rilla/.ssh/authorized_keys
     exclude:
       - /home/rilla/.ash_history
   when: ansible_distribution == "Alpine" and use_lbu
diff --git a/roles/users/tasks/woodpecker.yml b/roles/users/tasks/woodpecker.yml
index 958a171..23246da 100644
--- a/roles/users/tasks/woodpecker.yml
+++ b/roles/users/tasks/woodpecker.yml
@@ -31,20 +31,10 @@
     group: woodpecker
     mode: '2755'
 
-- name: set woodpecker's authorized keys
-  authorized_key:
-    user: woodpecker
-    key: '{{ item }}'
-    path: /var/lib/woodpecker/.ssh/authorized_keys
-  with_file:
-    - public_keys/yubikey
-    - public_keys/woodpecker
-
 - name: commit woodpecker's home to lbu
   lbu:
     include:
       - /var/lib/woodpecker
-      - /var/lib/woodpecker/.ssh/authorized_keys
     exclude:
       - /var/lib/woodpecker/.ash_history
   when: ansible_distribution == "Alpine" and use_lbu