authorMarkos Chandras <mchandras@suse.de>2018-04-03 11:14:11 +0100
committerMarkos Chandras <mchandras@suse.de>2018-04-03 11:14:11 +0100
commit8199744e9cee88127291b22ebeb9e78142cc4ade (patch)
tree8cd1c665a9b836d14e9a77ad62a9d0b9490d2ec6 /xci/playbooks/manage-ssh-keys.yml
parente2b961ec221a68437fae2a062d3492b6e77d27ad (diff)
xci: osa: Move tasks for managing SSH keys to a new file
The tasks that manage the SSH keys are common across hosts and also common across different installers. As such, let's move them to a new file so we can share them more easily. Change-Id: If235877394f224a47a2f2b8de748a2330eabcec1 Signed-off-by: Markos Chandras <mchandras@suse.de>
Diffstat (limited to 'xci/playbooks/manage-ssh-keys.yml')
-rw-r--r--xci/playbooks/manage-ssh-keys.yml47
1 files changed, 47 insertions, 0 deletions
diff --git a/xci/playbooks/manage-ssh-keys.yml b/xci/playbooks/manage-ssh-keys.yml
new file mode 100644
index 00000000..ff797aad
--- /dev/null
+++ b/xci/playbooks/manage-ssh-keys.yml
@@ -0,0 +1,47 @@
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018 SUSE Linux GmbH and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- name: Configure SSH key for root user
+ user:
+ name: root
+ generate_ssh_key: yes
+ ssh_key_bits: 2048
+ ssh_key_comment: xci
+ ssh_key_type: rsa
+ state: present
+
+- name: Determine local user
+ become: no
+ local_action: command whoami
+ changed_when: False
+ register: _ansible_user
+
+- name: Fetch local SSH key
+ delegate_to: localhost
+ become: no
+ slurp:
+ src: "/home/{{ _ansible_user.stdout }}/.ssh/id_rsa.pub"
+ register: _local_ssh_key
+
+- name: Fetch OPNFV SSH key
+ delegate_to: opnfv
+ slurp:
+ src: "{{ ansible_env.HOME }}/.ssh/id_rsa.pub"
+ register: _opnfv_ssh_key
+
+- name: "Configure {{ inventory_hostname }} authorized_keys file"
+ authorized_key:
+ exclusive: "{{ item.exclusive }}"
+ user: root
+ state: present
+ manage_dir: yes
+ key: "{{ item.key }}"
+ comment: "{{ item.comment }}"
+ with_items:
+ - { key: "{{ _local_ssh_key['content'] | b64decode }}", comment: "{{ _ansible_user.stdout }} key", exclusive: yes }
+ - { key: "{{ _opnfv_ssh_key['content'] | b64decode }}", comment: "opnfv host key", exclusive: no }
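Review bot: In the final task `exclusive` is applied per loop iteration, not across the whole loop, so the first item (`exclusive: yes`) removes every other key from root's authorized_keys, including the opnfv key that the second item then puts back. Each run therefore reports a change, root briefly lacks the opnfv key, and any key added outside this playbook is silently dropped, which should at least be stated in a comment if intended. The authorized_key module accepts several keys in one newline-separated `key` string, so the loop can be replaced by a single call with `exclusive: yes` and `key: "{{ _local_ssh_key['content'] | b64decode }}\n{{ _opnfv_ssh_key['content'] | b64decode }}"`. Separately, "Fetch local SSH key" hard-codes `/home/{{ _ansible_user.stdout }}`, which will not resolve when the playbook is run as root or the home directory lives elsewhere; `src: "{{ lookup('env', 'HOME') }}/.ssh/id_rsa.pub"` follows the controller's actual home.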