forked from saratov/infra
fetch ed25519 host keys
This commit is contained in:
parent
55985436dc
commit
b48532e328
@ -22,6 +22,7 @@
|
|||||||
- name: prepare nodes
|
- name: prepare nodes
|
||||||
hosts: stack
|
hosts: stack
|
||||||
gather_facts: false
|
gather_facts: false
|
||||||
|
strategy: free
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- meta: end_play
|
- meta: end_play
|
||||||
when: destroy_all is defined and destroy_all
|
when: destroy_all is defined and destroy_all
|
||||||
@ -32,3 +33,17 @@
|
|||||||
- {role: prepare-config, tags: [ ]}
|
- {role: prepare-config, tags: [ ]}
|
||||||
- {role: common, tags: [ ]}
|
- {role: common, tags: [ ]}
|
||||||
tags: [ prepare ]
|
tags: [ prepare ]
|
||||||
|
|
||||||
|
- name: put ssh host keys to all nodes
|
||||||
|
hosts: stack
|
||||||
|
gather_facts: false
|
||||||
|
strategy: free
|
||||||
|
tasks:
|
||||||
|
- name: put keys to known hosts
|
||||||
|
copy:
|
||||||
|
src: ".tmp/{{ stack_name }}.known_hosts"
|
||||||
|
dest: "/etc/openssh/known_hosts"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
tags: [ prepare ]
|
||||||
|
@ -129,18 +129,14 @@
|
|||||||
group: root
|
group: root
|
||||||
mode: 0644
|
mode: 0644
|
||||||
|
|
||||||
- name: fetch ssh host keys
|
|
||||||
fetch:
|
|
||||||
src: /etc/openssh/ssh_host_rsa_key.pub
|
|
||||||
dest: ".tmp/{{ inventory_hostname_short }}.ssh_host_rsa_key.pub"
|
|
||||||
|
|
||||||
- name: read public ssh host key
|
- name: read public ssh host key
|
||||||
slurp:
|
slurp:
|
||||||
src: /etc/openssh/ssh_host_rsa_key.pub
|
src: /etc/openssh/ssh_host_ed25519_key.pub
|
||||||
register: host_key
|
register: host_key
|
||||||
|
|
||||||
- name: store public ssh host key in local file
|
- name: store public ssh host key in local file
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
regexp: "^{{ inventory_hostname_short}} "
|
||||||
line: "{{ inventory_hostname_short}} {{ host_key.content | b64decode }}"
|
line: "{{ inventory_hostname_short}} {{ host_key.content | b64decode }}"
|
||||||
path: ".tmp/{{ stack_name }}.known_hosts"
|
path: ".tmp/{{ stack_name }}.known_hosts"
|
||||||
create: yes
|
create: yes
|
||||||
|
Loading…
Reference in New Issue
Block a user