tobias/infrastructure
1
0
Fork 0
Code Issues 5 Pull Requests Projects Activity
5d220348b7
infrastructure/ansible/tasks/create_ssh_keys.yaml
Tobias Manske 6976503097
All checks were successful
continuous-integration/drone/push Build is passing
Details
fixup! Per Device SSH-Keys
2023-09-14 14:54:09 +02:00

27 lines
1.0 KiB
YAML
Raw Blame History

# Onboarding: This playbook generates per-device ssh keys and places them in passage for later use.
---
- name: Generate SSH Keys
hosts: all
serial: 1
tasks:
- name: Check for ssh key present
shell: "passage machine/{{ inventory_hostname }}/ssh_key"
delegate_to: localhost
register: ssh_key
failed_when: false
changed_when: false
- name: Generate ssh_key
shell: "( exec 3>&1 ; ssh-keygen -qt ed25519 -f /proc/self/fd/3 <<<y >/dev/null 2>&1 ) | passage insert --multiline machine/{{ inventory_hostname }}/ssh_key"
delegate_to: localhost
when: ssh_key.rc != 0
register: new_ssh_key
- name: Add entry to secrets.yml
delegate_to: localhost
lineinfile:
state: present
path: ../secrets.yml
regexp: "^SSH_KEY_{{ inventory_hostname | mandatory | regex_replace('[^A-Za-z0-9]', '_') }}:"
line: "SSH_KEY_{{ inventory_hostname | mandatory | regex_replace('[^A-Za-z0-9]', '_') }}: !var:file machine/{{ inventory_hostname }}/ssh_key"
# vim: ft=yaml.ansible
Reference in New Issue View Git Blame Copy Permalink