ревизия
d1372e6f8c
променени са 10 файла, в които са добавени 80 реда и са изтрити 0 реда
Обединен изглед
Diff Options
-
+1 -0.gitignore
-
+1 -0defaults/main.yml
-
+13 -0tasks/fetch.yml
-
+27 -0tasks/main.yml
-
+8 -0tasks/save.yml
-
+12 -0tasks/scan.yml
-
+10 -0tasks/setup.yml
-
+3 -0templates/host_vars.j2
-
+1 -0templates/ssh_host_key.j2
-
+4 -0vars/main.yml
+ 1
- 0
.gitignore
Целия файл
| @@ -0,0 +1 @@ | |||||
| *~ | |||||
+ 1
- 0
defaults/main.yml
Целия файл
| @@ -0,0 +1 @@ | |||||
| ssh_host_key_type: ed25519 | |||||
+ 13
- 0
tasks/fetch.yml
Целия файл
| @@ -0,0 +1,13 @@ | |||||
| --- | |||||
| - name: fetch ssh host key | |||||
| command: | |||||
| cat "{{ root_target_directory }}/etc/ssh/ssh_host_{{ ssh_host_key_type }}_key.pub" | |||||
| register: _ssh_host_key_cat_result | |||||
| changed_when: false | |||||
| - name: set ssh_host_key_ed25519_public | |||||
| set_fact: | |||||
| ssh_host_key_ed25519_public: "{{ _ssh_host_key_cat_result.stdout.split()[1] }}" | |||||
| changed_when: ssh_host_key_ed25519_public != _ssh_host_key_cat_result.stdout.split()[1] | |||||
| when: ssh_host_key_type == "ed25519" | |||||
+ 27
- 0
tasks/main.yml
Целия файл
| @@ -0,0 +1,27 @@ | |||||
| --- | |||||
| - include: scan.yml | |||||
| when: | |||||
| ssh_host_key_state is defined and | |||||
| ssh_host_key_state == 'scanned' | |||||
| #- include: setup.yml | |||||
| - include: fetch.yml | |||||
| when: | |||||
| root_target_directory is defined and ( | |||||
| not ssh_host_key_state is defined or | |||||
| ssh_host_key_state == 'fetched' ) | |||||
| - include: save.yml | |||||
| - name: write ssh_known_hosts file | |||||
| local_action: known_hosts | |||||
| args: | |||||
| path: 'ssh_known_hosts' | |||||
| name: '{{ inventory_hostname }}' | |||||
| key: "{{ inventory_hostname }} {{ _ssh_key_type[ssh_host_key_type] }} {{ _ssh_host_key[ssh_host_key_type] }}" | |||||
| when: | |||||
| not ssh_host_key_state is defined or | |||||
| ssh_host_key_state == 'configured' or | |||||
| ssh_host_key_state == 'scanned' | |||||
+ 8
- 0
tasks/save.yml
Целия файл
| @@ -0,0 +1,8 @@ | |||||
| --- | |||||
| - name: host_vars directory | |||||
| local_action: file path=host_vars/{{inventory_hostname}} state=directory | |||||
| - name: host_vars file | |||||
| local_action: template src=host_vars.j2 dest=host_vars/{{inventory_hostname}}/ssh_host_key.yml | |||||
+ 12
- 0
tasks/scan.yml
Целия файл
| @@ -0,0 +1,12 @@ | |||||
| --- | |||||
| - name: scan ssh host | |||||
| local_action: command ssh-keyscan -t {{ssh_host_key_type}} {{inventory_hostname}} | |||||
| register: _ssh_keyscan_result | |||||
| changed_when: false | |||||
| - name: set ssh_host_key_ed25519_public | |||||
| set_fact: | |||||
| ssh_host_key_ed25519_public: "{{ _ssh_keyscan_result.stdout.split()[2] }}" | |||||
| changed_when: ssh_host_key_ed25519_public != _ssh_keyscan_result.stdout.split()[2] | |||||
| when: ssh_host_key_type == "ed25519" | |||||
+ 10
- 0
tasks/setup.yml
Целия файл
| @@ -0,0 +1,10 @@ | |||||
| --- | |||||
| - setup: | |||||
| gather_subset: '!all' | |||||
| - name: set ssh_host_key_ed25519_public | |||||
| set_fact: | |||||
| ssh_host_key_ed25519_public: "{{ ansible_ssh_host_key_ed25519_public }}" | |||||
| changed_when: ssh_host_key_ed25519_public != ansible_ssh_host_key_ed25519_public | |||||
| when: ssh_host_key_type == "ed25519" | |||||
+ 3
- 0
templates/host_vars.j2
Целия файл
| @@ -0,0 +1,3 @@ | |||||
| {% if ssh_host_key_type == "ed25519" %} | |||||
| ssh_host_key_ed25519_public: {{ ssh_host_key_ed25519_public }} | |||||
| {% endif %} | |||||
+ 1
- 0
templates/ssh_host_key.j2
Целия файл
| @@ -0,0 +1 @@ | |||||
| {{ _ssh_key_type[ssh_host_key_type] }} {% if ssh_host_key_type == "ed25519" %}{{ ssh_host_key_ed25519_public }}{% endif %} | |||||
+ 4
- 0
vars/main.yml
Целия файл
| @@ -0,0 +1,4 @@ | |||||
| _ssh_key_type: | |||||
| ed25519: ssh-ed25519 | |||||
| _ssh_host_key: | |||||
| ed25519: "{{ ssh_host_key_ed25519_public | default(undefined) }}" | |||||