From 7088d68d75b6206f9c707fd2f1770decffd8c6f5 Mon Sep 17 00:00:00 2001
From: Markus Katharina Brechtel
Date: Mon, 2 Oct 2017 08:59:36 +0000
Subject: [PATCH] hardcode to ed25519
---
 defaults/main.yml | 1 -
 tasks/fetch.yml | 3 +--
 tasks/save.yml | 6 ++++--
 tasks/scan.yml | 3 +--
 tasks/setup.yml | 1 -
 templates/host_vars.j2 | 2 --
 vars/main.yml | 4 ----
 7 files changed, 6 insertions(+), 14 deletions(-)
 delete mode 100644 vars/main.yml
diff --git a/defaults/main.yml b/defaults/main.yml
index 6458e65..0e6fcf1 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,4 +1,3 @@
-ssh_host_key_type: ed25519
 ssh_host_key_types:
 - ed25519
 - ecdsa
diff --git a/tasks/fetch.yml b/tasks/fetch.yml
index bc6b435..cfbf519 100644
--- a/tasks/fetch.yml
+++ b/tasks/fetch.yml
@@ -2,7 +2,7 @@
 - name: fetch ssh host key
 command:
- cat "{{ root_target_directory | default("") }}/etc/ssh/ssh_host_{{ ssh_host_key_type }}_key.pub"
+ cat "{{ root_target_directory | default("") }}/etc/ssh/ssh_host_ed25519_key.pub"
 register: _ssh_host_key_cat_result
 changed_when: false
@@ -10,4 +10,3 @@
 set_fact:
 ssh_host_key_ed25519_public: "{{ _ssh_host_key_cat_result.stdout.split()[1] }}"
 changed_when: ssh_host_key_ed25519_public != _ssh_host_key_cat_result.stdout.split()[1]
- when: ssh_host_key_type == "ed25519"
diff --git a/tasks/save.yml b/tasks/save.yml
index 33f4814..bf2badd 100644
--- a/tasks/save.yml
+++ b/tasks/save.yml
@@ -10,5 +10,7 @@
 local_action: known_hosts
 args:
 path: "{{ playbook_dir }}/ssh_known_hosts"
- name: "{{ inventory_hostname }}"
- key: "{{ inventory_hostname }},{{ ssh_ip }} {{ _ssh_key_type[ssh_host_key_type] }} {{ _ssh_host_key[ssh_host_key_type] }}"
+ name: "{{ item }}"
+ key: "{{ item }},{{ hostvars[item].ssh_ip }} ssh-ed25519 {{ hostvars[item].ssh_host_key_ed25519_public }}"
+ with_items: "{{play_hosts}}"
+ run_once: true
diff --git a/tasks/scan.yml b/tasks/scan.yml
index 7b92da4..8334c2a 100644
--- a/tasks/scan.yml
+++ b/tasks/scan.yml
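Review bot: In the tasks/save.yml hunk, the new `key:` line reads `hostvars[item].ssh_ip` and `hostvars[item].ssh_host_key_ed25519_public` for every entry of `play_hosts` without checking that either is defined. Because the task is now `run_once: true`, a single host whose key was never collected would presumably fail the loop, and with it the known_hosts update for the whole batch. A per-item guard such as `when: hostvars[item].ssh_host_key_ed25519_public is defined` would keep the remaining entries from being blocked. If `run_once` is there to serialise writes to the shared `ssh_known_hosts` file, a one-line comment saying so would help the next reader. The task starts above the hunk, so its name and any existing conditions are not visible here.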
@@ -1,7 +1,7 @@
 ---
 - name: scan ssh host
- local_action: command ssh-keyscan -t {{ssh_host_key_type}} {{ansible_host}}
+ local_action: command ssh-keyscan -t ed25519 {{ansible_host}}
 register: _ssh_keyscan_result
 changed_when: false
@@ -9,4 +9,3 @@
 set_fact:
 ssh_host_key_ed25519_public: "{{ _ssh_keyscan_result.stdout.split()[2] }}"
 changed_when: ssh_host_key_ed25519_public != _ssh_keyscan_result.stdout.split()[2]
- when: ssh_host_key_type == "ed25519"
diff --git a/tasks/setup.yml b/tasks/setup.yml
index 5b65d7d..1ed1bcd 100644
--- a/tasks/setup.yml
+++ b/tasks/setup.yml
@@ -4,4 +4,3 @@
 set_fact:
 ssh_host_key_ed25519_public: "{{ ansible_ssh_host_key_ed25519_public }}"
 changed_when: ssh_host_key_ed25519_public != ansible_ssh_host_key_ed25519_public
- when: ssh_host_key_type == "ed25519"
diff --git a/templates/host_vars.j2 b/templates/host_vars.j2
index c8e9c97..26af1cb 100644
--- a/templates/host_vars.j2
+++ b/templates/host_vars.j2
@@ -1,3 +1 @@
-{% if ssh_host_key_type == "ed25519" %}
 ssh_host_key_ed25519_public: {{ ssh_host_key_ed25519_public }}
-{% endif %}
diff --git a/vars/main.yml b/vars/main.yml
deleted file mode 100644
index 33bf1a1..0000000
--- a/vars/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-_ssh_key_type:
- ed25519: ssh-ed25519
-_ssh_host_key:
- ed25519: "{{ ssh_host_key_ed25519_public | default(undefined) }}"
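Review bot: The `ssh-keyscan -t ed25519 {{ansible_host}}` line in tasks/scan.yml collects the host key over an unauthenticated connection, and the following set_fact stores whatever comes back in `ssh_host_key_ed25519_public`, the same variable tasks/save.yml writes into `ssh_known_hosts`. Whoever answers for that address at scan time therefore gets their key pinned, so the task deserves a comment such as `# keyscan output is unverified; compare the fingerprint out of band before it is saved`, and the fetch or setup tasks, which appear to read the key from the host itself, are the safer source where they can be used. Separately, `stdout.split()[2]` in the next hunk raises an index error when the scan returns no output; adding `failed_when: _ssh_keyscan_result.stdout == ""` to the scan task would give a clearer failure.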