|
|
|
|
---
|
|
|
|
|
#
|
|
|
|
|
# Set ssh host keys
|
|
|
|
|
#
|
|
|
|
|
- name: set SSH host keys
|
|
|
|
|
copy:
|
|
|
|
|
src: "{{ item }}"
|
|
|
|
|
dest: "/{{ item.split('.')[0] }}"
|
|
|
|
|
owner: root
|
|
|
|
|
group: root
|
|
|
|
|
mode: '0600'
|
|
|
|
|
with_items: "{{ myconfig.ssh_host_key_files }}"
|
|
|
|
|
register: result
|
|
|
|
|
when: "'ssh_host_key_files' in myconfig"
|
|
|
|
|
tags: [ sshd ]
|
|
|
|
|
|
|
|
|
|
- name: remove old SSH host public keys
|
|
|
|
|
file:
|
|
|
|
|
path: "/{{ item.split('.')[0] }}.pub"
|
|
|
|
|
state: absent
|
|
|
|
|
with_items: "{{ myconfig.ssh_host_key_files }}"
|
|
|
|
|
when: "'ssh_host_key_files' in myconfig and result is changed"
|
|
|
|
|
tags: [ sshd ]
|
|
|
|
|
|
|
|
|
|
- name: regenerate SSH host public keys
|
|
|
|
|
shell:
|
|
|
|
|
cmd: "ssh-keygen -y -f /{{ item.split('.')[0] }} > /{{ item.split('.')[0] }}.pub"
|
|
|
|
|
creates: "/{{ item }}.pub"
|
|
|
|
|
with_items: "{{ myconfig.ssh_host_key_files }}"
|
|
|
|
|
when: "'ssh_host_key_files' in myconfig and result is changed"
|
|
|
|
|
tags: [ sshd ]
|
