diff --git a/provision.yml b/provision.yml
index 19760b2..bec7163 100644
--- a/provision.yml
+++ b/provision.yml
@@ -22,6 +22,7 @@
 - name: prepare nodes
 hosts: stack
 gather_facts: false
+ strategy: free
 pre_tasks:
 - meta: end_play
 when: destroy_all is defined and destroy_all
@@ -32,3 +33,17 @@
 - {role: prepare-config, tags: [ ]}
 - {role: common, tags: [ ]}
 tags: [ prepare ]
+
+- name: put ssh host keys to all nodes
+ hosts: stack
+ gather_facts: false
+ strategy: free
+ tasks:
+ - name: put keys to known hosts
+ copy:
+ src: ".tmp/{{ stack_name }}.known_hosts"
+ dest: "/etc/openssh/known_hosts"
+ owner: root
+ group: root
+ mode: 0644
+ tags: [ prepare ]
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 691298e..b272567 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -129,18 +129,14 @@
 group: root
 mode: 0644
-- name: fetch ssh host keys
- fetch:
- src: /etc/openssh/ssh_host_rsa_key.pub
- dest: ".tmp/{{ inventory_hostname_short }}.ssh_host_rsa_key.pub"
-
 - name: read public ssh host key
 slurp:
- src: /etc/openssh/ssh_host_rsa_key.pub
+ src: /etc/openssh/ssh_host_ed25519_key.pub
 register: host_key
 - name: store public ssh host key in local file
 lineinfile:
+ regexp: "^{{ inventory_hostname_short}} "
 line: "{{ inventory_hostname_short}} {{ host_key.content | b64decode }}"
 path: ".tmp/{{ stack_name }}.known_hosts"
 create: yes
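Review bot: In the new `put ssh host keys to all nodes` play in provision.yml, the `copy` task replaces the system-wide `/etc/openssh/known_hosts` on every node with the controller-local `.tmp/{{ stack_name }}.known_hosts`, which makes that file the trust anchor for SSH between nodes. Nothing in the visible hunks resets or prunes it between runs, so entries left from earlier runs, or anything else written into `.tmp/`, would become trusted on all nodes. Consider deleting the file at the start of the prepare play, or building it only from hosts in the current inventory, before it is distributed. Separately, quote the mode as `mode: "0644"` so the value does not depend on the YAML parser's octal handling.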
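Review bot: The added `regexp: "^{{ inventory_hostname_short}} "` in roles/common/tasks/main.yml puts the hostname into a regular expression unescaped; `regexp: "^{{ inventory_hostname_short | regex_escape }} "` keeps a name containing regex metacharacters from matching, and overwriting, another host's entry. Every host in the play writes the same `.tmp/{{ stack_name }}.known_hosts` (the delegation to the controller is presumably outside the hunk), and `lineinfile` does a read-modify-write, so hosts running in parallel can drop each other's lines; `throttle: 1` on this task would serialise it. A dropped line means that node's key is missing from the known_hosts file distributed afterwards. The task list continues outside the hunk.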