common: Added downloading and processing ssh host keys

wip
Felix Stupp 5 years ago
parent 6b36435d8d
commit 02ff70e699
Signed by: zocker
GPG Key ID: 93E1BD26F6B02FB7

@ -0,0 +1,4 @@
FILES = $(shell ls | grep -vE "^dns$$")
dns: $(FILES)
echo "$(FILES)" | xargs --max-args 1 ssh-keygen -r "$$(basename "$$(pwd)")." -f > "$@"
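Review bot: The `dns` recipe redirects into `"$@"` before `ssh-keygen` has run, so a failure on any key file leaves an empty or partial `dns` file behind. That file is newer than its prerequisites, so the next run treats it as up to date. If this output is what ends up published as SSHFP records (not visible here), an incomplete set would go unnoticed; adding `.DELETE_ON_ERROR:` at the top of the makefile makes GNU make remove the target when the recipe fails. Separately, `FILES` is every directory entry except `dns`, so any stray file in the directory is also handed to `ssh-keygen -r`; an explicit list of the expected key file names would be tighter.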

@ -13,4 +13,37 @@
line: "PasswordAuthentication no"
notify: restart ssh
# TODO Collect SSH Host Keys
- name: Collect ssh host keys
command: "cat /etc/ssh/ssh_host_{{ item | quote }}_key.pub"
loop: "{{ ssh_host_key_types }}"
register: ssh_host_keys
changed_when: False
check_mode: no
- name: Create directory for host keys locally
local_action:
module: file
path: "{{ global_ssh_host_key_directory }}/{{ ansible_fqdn }}"
state: directory
owner: "{{ global_local_user }}"
group: "{{ global_local_user }}"
mode: "u=rwx,g=rx,o=rx"
- name: Store ssh host keys locally
local_action:
module: copy
content: "{{ item.stdout }}\n"
dest: "{{ global_ssh_host_key_directory }}/{{ ansible_fqdn }}/{{ item.item }}"
owner: "{{ global_local_user }}"
group: "{{ global_local_user }}"
mode: "u=rw,g=r,o=r"
loop: "{{ ssh_host_keys.results }}"
loop_control:
label: "{{ item.item }}"
- name: Generate ssh host key dns fingerprints locally
local_action:
module: make
chdir: "{{ global_ssh_host_key_directory }}/{{ ansible_fqdn }}"
file: "{{ playbook_dir }}/helpers/ssh_dns_fingerprints.makefile"
target: dns
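Review bot: The local paths in `Create directory for host keys locally`, `Store ssh host keys locally` and the `chdir` of the make task are built from `ansible_fqdn`, a fact reported by the managed host rather than a value chosen on the control machine. The makefile derives the DNS owner name from the directory name, so a host reporting an unexpected FQDN determines both where files are written on the controller and which name the fingerprints are generated for. Consider a controller-side value such as `{{ inventory_hostname }}` (if inventory names are FQDNs here, which this hunk does not show), or assert that the fact matches the inventory before using it. The collected keys are also only as trustworthy as the host-key verification of the SSH session Ansible used to fetch them, which deserves a comment above `Collect ssh host keys`.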
