If a client requests admin access to a trellis/ansible-managed server and I have their public ssh string, does it make sense to just (either create a new user, or) add the string in here:
# Also define 'vault_users' (`group_vars/staging/vault.yml`, `group_vars/production/vault.yml`)
users:
- name: "{{ admin_user }}"
groups:
- sudo
keys:
- "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
- "ssh-rsa AAAAB3NzaC1yc2etc..."
And then reprovision: ansible-playbook server.yml -e env=production --tags users