diff options
author | Markos Chandras <mchandras@suse.de> | 2018-03-28 10:24:47 +0100 |
---|---|---|
committer | Markos Chandras <mchandras@suse.de> | 2018-03-28 22:05:21 +0100 |
commit | e6b6001274cafea8374a06e8b17fb22fa20eb096 (patch) | |
tree | 4ee39c57aaf38f653f008f8b62859b72ef3bf3a8 /xci/installer/osa/playbooks/configure-targethosts.yml | |
parent | 455ea6c732384de5616be9c8c5cb006ae38e6716 (diff) |
xci: Use proper Ansible modules to manage SSH keys
We can use the 'user', 'slurp' and 'authorized_key' modules
to manage the various SSH configurations across the hosts instead
of using command line tools.
Change-Id: I2dde4d584fc336e267868607d5a58f5ee2c1feed
Signed-off-by: Markos Chandras <mchandras@suse.de>
Diffstat (limited to 'xci/installer/osa/playbooks/configure-targethosts.yml')
-rw-r--r-- | xci/installer/osa/playbooks/configure-targethosts.yml | 34 |
1 files changed, 30 insertions, 4 deletions
diff --git a/xci/installer/osa/playbooks/configure-targethosts.yml b/xci/installer/osa/playbooks/configure-targethosts.yml index 09258e7c..b76a5950 100644 --- a/xci/installer/osa/playbooks/configure-targethosts.yml +++ b/xci/installer/osa/playbooks/configure-targethosts.yml @@ -33,7 +33,33 @@ - xci_ceph_enabled == "true" - "'compute' in group_names" tasks: - - name: add public key to host - copy: - src: "{{ xci_path }}/xci/files/authorized_keys" - dest: /root/.ssh/authorized_keys + - name: Determine local user + become: no + local_action: command whoami + changed_when: False + register: _ansible_user + + - name: Fetch local SSH key + delegate_to: localhost + become: no + slurp: + src: "/home/{{ _ansible_user.stdout }}/.ssh/id_rsa.pub" + register: _local_ssh_key + + - name: Fetch OPNFV SSH key + delegate_to: opnfv + slurp: + src: "{{ ansible_env.HOME }}/.ssh/id_rsa.pub" + register: _opnfv_ssh_key + + - name: "Configure {{ inventory_hostname }} authorized_keys file" + authorized_key: + exclusive: "{{ item.exclusive }}" + user: root + state: present + manage_dir: yes + key: "{{ item.key }}" + comment: "{{ item.comment }}" + with_items: + - { key: "{{ _local_ssh_key['content'] | b64decode }}", comment: "{{ _ansible_user.stdout }} key", exclusive: yes } + - { key: "{{ _opnfv_ssh_key['content'] | b64decode }}", comment: "opnfv host key", exclusive: no } |