From 8199744e9cee88127291b22ebeb9e78142cc4ade Mon Sep 17 00:00:00 2001
From: Markos Chandras <mchandras@suse.de>
Date: Tue, 3 Apr 2018 11:14:11 +0100
Subject: xci: osa: Move tasks for managing SSH keys to a new file

The tasks that manage the SSH keys are common across hosts and
also common across different installers. As such, lets move them
to a new file so we can share them more easily.

Change-Id: If235877394f224a47a2f2b8de748a2330eabcec1
Signed-off-by: Markos Chandras <mchandras@suse.de>
---
 xci/playbooks/manage-ssh-keys.yml | 47 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 xci/playbooks/manage-ssh-keys.yml

(limited to 'xci/playbooks/manage-ssh-keys.yml')

diff --git a/xci/playbooks/manage-ssh-keys.yml b/xci/playbooks/manage-ssh-keys.yml
new file mode 100644
index 00000000..ff797aad
--- /dev/null
+++ b/xci/playbooks/manage-ssh-keys.yml
@@ -0,0 +1,47 @@
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018 SUSE Linux GmbH and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- name: Configure SSH key for root user
+  user:
+    name: root
+    generate_ssh_key: yes
+    ssh_key_bits: 2048
+    ssh_key_comment: xci
+    ssh_key_type: rsa
+    state: present
+
+- name: Determine local user
+  become: no
+  local_action: command whoami
+  changed_when: False
+  register: _ansible_user
+
+- name: Fetch local SSH key
+  delegate_to: localhost
+  become: no
+  slurp:
+    src: "/home/{{ _ansible_user.stdout }}/.ssh/id_rsa.pub"
+  register: _local_ssh_key
+
+- name: Fetch OPNFV SSH key
+  delegate_to: opnfv
+  slurp:
+    src: "{{ ansible_env.HOME }}/.ssh/id_rsa.pub"
+  register: _opnfv_ssh_key
+
+- name: "Configure {{ inventory_hostname }} authorized_keys file"
+  authorized_key:
+    exclusive: "{{ item.exclusive }}"
+    user: root
+    state: present
+    manage_dir: yes
+    key: "{{ item.key }}"
+    comment: "{{ item.comment }}"
+  with_items:
+    - { key: "{{ _local_ssh_key['content'] | b64decode }}", comment: "{{ _ansible_user.stdout }} key", exclusive: yes }
+    - { key: "{{ _opnfv_ssh_key['content'] | b64decode }}", comment: "opnfv host key", exclusive: no }
-- 
cgit 1.2.3-korg