From 0810f962803e0489b290cdc21f8ef1d17abb069c Mon Sep 17 00:00:00 2001
From: Markus Katharina Brechtel
Date: Thu, 28 Sep 2017 08:50:04 +0000
Subject: [PATCH] regeneration also for root target directories

---
 defaults/main.yml | 4 ++++
 tasks/regenerate.yml | 31 ++++++++++++++++++++++++-------
 2 files changed, 28 insertions(+), 7 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index f16b9d4..6458e65 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,3 +1,7 @@
 ssh_host_key_type: ed25519
+ssh_host_key_types:
+ - ed25519
+ - ecdsa
+ - rsa
 ssh_ip: "{{ansible_host}}"
 ssh_host_key_state: configured
diff --git a/tasks/regenerate.yml b/tasks/regenerate.yml
index e73bd93..e2cbd14 100644
--- a/tasks/regenerate.yml
+++ b/tasks/regenerate.yml
@@ -1,11 +1,28 @@
 ---
-- name: delete ssh host keys
+- name: ssh config directory
 file:
- path: "{{item}}"
- state: absent
- with_fileglob:
- - /etc/ssh/ssh_host_*
+ path: "{{ root_target_directory | default('') }}/etc/ssh"
+ state: directory

-- name: reconfigure ssh server
- shell: dpkg-reconfigure openssh-server
+- name: delete old ssh host private keys
+ #file:
+ # path: "{{ item }}"
+ # state: absent
+ #with_fileglob:
+ # - "{{ root_target_directory | default('') }}/etc/ssh/ssh_host_*"
+ shell: rm {{ root_target_directory | default('') }}/etc/ssh/ssh_host_*
+ args:
+ warn: false
+ register: _ssh_delete_host_keys_command
+ failed_when: _ssh_delete_host_keys_command.rc > 1
+ changed_when: _ssh_delete_host_keys_command.rc == 0
+
+- name: generate new ssh host keys
+ command: ssh-keygen -f {{ root_target_directory | default('') }}/etc/ssh/ssh_host_{{item}}_key -N "" -t {{item}}
+ with_items: "{{ssh_host_key_types}}"
+
+- service:
+ name: sshd
+ state: reloaded
+ when: not root_target_directory is defined
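Review bot: `ssh_host_key_types` is added in defaults/main.yml next to the existing `ssh_host_key_type` without a comment, so a reader cannot tell which variable drives key generation and which one (presumably) selects the key used elsewhere in the role. A one-line comment above the list, such as `# key types generated by tasks/regenerate.yml (ssh-keygen -t <type>)`, would settle that. The `rsa` entry is also created with whatever size the installed ssh-keygen defaults to, because the generate task in tasks/regenerate.yml passes only `-t`; if a minimum RSA size is required, it has to be stated there.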
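Review bot: In the `delete old ssh host private keys` task of tasks/regenerate.yml, `failed_when: _ssh_delete_host_keys_command.rc > 1` accepts every rm exit status of 1, which covers not only "no file matched" but also a key that exists and could not be removed, so a failed deletion is reported as ok and unchanged. The same line interpolates `root_target_directory` into a shell command unquoted, so a path containing spaces or shell metacharacters changes what is run; the `ssh-keygen` `command:` line has the same unquoted interpolation. I would write `shell: rm -f -- {{ (root_target_directory | default('')) | quote }}/etc/ssh/ssh_host_*` and drop the `failed_when` override so that any non-zero status fails the play, at the cost of `changed_when` no longer distinguishing an already empty directory. The commented-out `file`/`with_fileglob` block should either be deleted or replaced by one comment saying why it was abandoned (presumably because `with_fileglob` expands on the controller rather than on the target).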