From 34d9d9af0ed39f73d8505a469e69a24f6a964c36 Mon Sep 17 00:00:00 2001
From: Markos Chandras <mchandras@suse.de>
Date: Wed, 10 May 2017 11:37:38 +0100
Subject: prototypes: xci: Move host keys away from / directory

Putting the host keys in '/' requires root privileges so
it's best if we place them in the same directory like the
rest of the XCI files.

Change-Id: I030ed3d6cbb57bb984a78aeffb4eca2bd5c10bb0
Signed-off-by: Markos Chandras <mchandras@suse.de>
---
 xci/playbooks/configure-opnfvhost.yml             | 10 ++++++++--
 xci/playbooks/roles/remove-folders/tasks/main.yml |  1 +
 2 files changed, 9 insertions(+), 2 deletions(-)

(limited to 'xci/playbooks')

diff --git a/xci/playbooks/configure-opnfvhost.yml b/xci/playbooks/configure-opnfvhost.yml
index 28e6b217..af90c9dc 100644
--- a/xci/playbooks/configure-opnfvhost.yml
+++ b/xci/playbooks/configure-opnfvhost.yml
@@ -55,8 +55,12 @@
       shell: ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N ""
       args:
         creates: /root/.ssh/id_rsa
+    - name: ensure ssh key storage directory exists
+      file:
+        path: "{{ OPNFV_SSH_HOST_KEYS_PATH }}"
+        state: directory
     - name: fetch public key
-      fetch: src="/root/.ssh/id_rsa.pub" dest="/"
+      fetch: src="/root/.ssh/id_rsa.pub" dest="{{ OPNFV_SSH_HOST_KEYS_PATH }}"
     - name: copy flavor inventory
       shell: "/bin/cp -rf {{XCI_FLAVOR_ANSIBLE_FILE_PATH}}/inventory {{OPNFV_RELENG_PATH}}/prototypes/xci/playbooks"
     - name: copy flavor vars
@@ -89,8 +93,10 @@
         chdir: "{{OPENSTACK_OSA_PATH}}/scripts"
 - hosts: localhost
   remote_user: root
+  vars_files:
+    - ../var/opnfv.yml
   tasks:
     - name: Generate authorized_keys
-      shell: "/bin/cat /opnfv/root/.ssh/id_rsa.pub >> ../file/authorized_keys"
+      shell: "/bin/cat {{ OPNFV_SSH_HOST_KEYS_PATH }}/opnfv/root/.ssh/id_rsa.pub >> ../file/authorized_keys"
     - name: Append public keys to authorized_keys
       shell: "/bin/cat /root/.ssh/id_rsa.pub >> ../file/authorized_keys"
diff --git a/xci/playbooks/roles/remove-folders/tasks/main.yml b/xci/playbooks/roles/remove-folders/tasks/main.yml
index ac8c0f7d..425b8dbf 100644
--- a/xci/playbooks/roles/remove-folders/tasks/main.yml
+++ b/xci/playbooks/roles/remove-folders/tasks/main.yml
@@ -18,3 +18,4 @@
     - "{{ OPENSTACK_OSA_PATH }}"
     - "{{ OPENSTACK_OSA_ETC_PATH }}"
     - "{{ LOG_PATH }} "
+    - "{{ OPNFV_SSH_HOST_KEYS_PATH }}"
-- 
cgit 1.2.3-korg