7 geänderte Dateien mit 6 neuen und 14 gelöschten Zeilen
-
+0 -1defaults/main.yml
-
+1 -2tasks/fetch.yml
-
+4 -2tasks/save.yml
-
+1 -2tasks/scan.yml
-
+0 -1tasks/setup.yml
-
+0 -2templates/host_vars.j2
-
+0 -4vars/main.yml
+ 0
- 1
defaults/main.yml
Datei anzeigen
| @@ -1,4 +1,3 @@ | |||||
| ssh_host_key_type: ed25519 | |||||
| ssh_host_key_types: | ssh_host_key_types: | ||||
| - ed25519 | - ed25519 | ||||
| - ecdsa | - ecdsa | ||||
+ 1
- 2
tasks/fetch.yml
Datei anzeigen
| @@ -2,7 +2,7 @@ | |||||
| - name: fetch ssh host key | - name: fetch ssh host key | ||||
| command: | command: | ||||
| cat "{{ root_target_directory | default("") }}/etc/ssh/ssh_host_{{ ssh_host_key_type }}_key.pub" | |||||
| cat "{{ root_target_directory | default("") }}/etc/ssh/ssh_host_ed25519_key.pub" | |||||
| register: _ssh_host_key_cat_result | register: _ssh_host_key_cat_result | ||||
| changed_when: false | changed_when: false | ||||
| @@ -10,4 +10,3 @@ | |||||
| set_fact: | set_fact: | ||||
| ssh_host_key_ed25519_public: "{{ _ssh_host_key_cat_result.stdout.split()[1] }}" | ssh_host_key_ed25519_public: "{{ _ssh_host_key_cat_result.stdout.split()[1] }}" | ||||
| changed_when: ssh_host_key_ed25519_public != _ssh_host_key_cat_result.stdout.split()[1] | changed_when: ssh_host_key_ed25519_public != _ssh_host_key_cat_result.stdout.split()[1] | ||||
| when: ssh_host_key_type == "ed25519" | |||||
+ 4
- 2
tasks/save.yml
Datei anzeigen
| @@ -10,5 +10,7 @@ | |||||
| local_action: known_hosts | local_action: known_hosts | ||||
| args: | args: | ||||
| path: "{{ playbook_dir }}/ssh_known_hosts" | path: "{{ playbook_dir }}/ssh_known_hosts" | ||||
| name: "{{ inventory_hostname }}" | |||||
| key: "{{ inventory_hostname }},{{ ssh_ip }} {{ _ssh_key_type[ssh_host_key_type] }} {{ _ssh_host_key[ssh_host_key_type] }}" | |||||
| name: "{{ item }}" | |||||
| key: "{{ item }},{{ hostvars[item].ssh_ip }} ssh-ed25519 {{ hostvars[item].ssh_host_key_ed25519_public }}" | |||||
| with_items: "{{play_hosts}}" | |||||
| run_once: true | |||||
+ 1
- 2
tasks/scan.yml
Datei anzeigen
| @@ -1,7 +1,7 @@ | |||||
| --- | --- | ||||
| - name: scan ssh host | - name: scan ssh host | ||||
| local_action: command ssh-keyscan -t {{ssh_host_key_type}} {{ansible_host}} | |||||
| local_action: command ssh-keyscan -t ed25519 {{ansible_host}} | |||||
| register: _ssh_keyscan_result | register: _ssh_keyscan_result | ||||
| changed_when: false | changed_when: false | ||||
| @@ -9,4 +9,3 @@ | |||||
| set_fact: | set_fact: | ||||
| ssh_host_key_ed25519_public: "{{ _ssh_keyscan_result.stdout.split()[2] }}" | ssh_host_key_ed25519_public: "{{ _ssh_keyscan_result.stdout.split()[2] }}" | ||||
| changed_when: ssh_host_key_ed25519_public != _ssh_keyscan_result.stdout.split()[2] | changed_when: ssh_host_key_ed25519_public != _ssh_keyscan_result.stdout.split()[2] | ||||
| when: ssh_host_key_type == "ed25519" | |||||
+ 0
- 1
tasks/setup.yml
Datei anzeigen
| @@ -4,4 +4,3 @@ | |||||
| set_fact: | set_fact: | ||||
| ssh_host_key_ed25519_public: "{{ ansible_ssh_host_key_ed25519_public }}" | ssh_host_key_ed25519_public: "{{ ansible_ssh_host_key_ed25519_public }}" | ||||
| changed_when: ssh_host_key_ed25519_public != ansible_ssh_host_key_ed25519_public | changed_when: ssh_host_key_ed25519_public != ansible_ssh_host_key_ed25519_public | ||||
| when: ssh_host_key_type == "ed25519" | |||||
+ 0
- 2
templates/host_vars.j2
Datei anzeigen
| @@ -1,3 +1 @@ | |||||
| {% if ssh_host_key_type == "ed25519" %} | |||||
| ssh_host_key_ed25519_public: {{ ssh_host_key_ed25519_public }} | ssh_host_key_ed25519_public: {{ ssh_host_key_ed25519_public }} | ||||
| {% endif %} | |||||
+ 0
- 4
vars/main.yml
Datei anzeigen
| @@ -1,4 +0,0 @@ | |||||
| _ssh_key_type: | |||||
| ed25519: ssh-ed25519 | |||||
| _ssh_host_key: | |||||
| ed25519: "{{ ssh_host_key_ed25519_public | default(undefined) }}" | |||||