proftpd: Fix format of public key files controlled by ansible

The comments used by ansible's blockinfile module break the format expected by proftpd for public ssh keys, making them unusable. Replace with a template, we will just have to accept that we need to use ansible for all changes to these file.
2022-12-08 17:32:53 +01:00 · 2022-12-08 17:32:53 +01:00 · 101c282846
parent e415800508
commit 101c282846
3 changed files with 9 additions and 5 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -53,6 +53,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 * evolinux-user: Fix sudoers privilege for check php\_fpm80
 * nagios-nrpe: Fix check opendkim for recent change in listening port
 * varnish: fix missing state, that blocked the task
+* proftpd: Fix format of public key files controlled by ansible

 ### Removed

--- a/proftpd/tasks/accounts.yml
+++ b/proftpd/tasks/accounts.yml
@ -62,13 +62,13 @@
    - proftpd

 - name: Allow keys for SFTP account
-  blockinfile:
-    dest: "/etc/proftpd/sftp.authorized_keys/{{ item.name }}"
-    state: present
-    block: "{{ item.sshkeys }}"
-    create: yes
+  template:
+    dest: "/etc/proftpd/sftp.authorized_keys/{{ _proftpd_account.name }}"
+    src: authorized_keys.j2
    mode: 0600
  loop: "{{ proftpd_accounts_final }}"
+  loop_control:
+    loop_var: _proftpd_account
  notify: restart proftpd
  when: 
    - proftpd_sftp_enable | bool
--- a/proftpd/templates/authorized_keys.j2
+++ b/proftpd/templates/authorized_keys.j2
@ -0,0 +1,3 @@
+{%- for key in _proftpd_account.sshkeys %}
+{{ key }}
+{%- endfor %}