gregandev
/
rpi-ansible
mirror of https://github.com/ruanbekker/rpi-ansible
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Ansible playbook for configuring a fresh install of Raspbian
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
40 Commits
2 Branches
0 Tags
184 KiB
 
Tag: Branch: Tree: 06c572ffc3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '06c572ffc3'
${ noResults }
rpi-ansible/roles/common/tasks/sshd.yml

83 lines
2.3 KiB
Raw Blame History

---
# Set ssh host keys
- name: initialize list of host keys to copy over
set_fact:
ssh_host_keyfiles: []
tags: [ sshd ]
- name: find local copy of dsa host key
delegate_to: localhost
stat:
path: roles/common/files/etc/ssh/ssh_host_dsa_key.{{ myconfig.hostname }}
register: result
tags: [ sshd ]
- name: add dsa key to list if found
set_fact:
ssh_host_keyfiles: "{{ ssh_host_keyfiles }} + [ 'etc/ssh/ssh_host_dsa_key.{{ myconfig.hostname }}' ]"
when: result.stat.exists == true
tags: [ sshd ]
- name: find local copy of rsa host key
delegate_to: localhost
stat:
path: roles/common/files/etc/ssh/ssh_host_rsa_key.{{ myconfig.hostname }}
register: result
tags: [ sshd ]
- name: add rsa key to list if found
set_fact:
ssh_host_keyfiles: "{{ ssh_host_keyfiles }} + [ 'etc/ssh/ssh_host_rsa_key.{{ myconfig.hostname }}' ]"
when: result.stat.exists == true
tags: [ sshd ]
- name: find local copy of ed25519 host key
delegate_to: localhost
stat:
path: roles/common/files/etc/ssh/ssh_host_ed25519_key.{{ myconfig.hostname }}
register: result
tags: [ sshd ]
- name: add ed25519 key to list if found
set_fact:
ssh_host_keyfiles: "{{ ssh_host_keyfiles }} + [ 'etc/ssh/ssh_host_ed25519_key.{{ myconfig.hostname }}' ]"
when: result.stat.exists == true
tags: [ sshd ]
- name: find local copy of ecdsa host key
delegate_to: localhost
stat:
path: roles/common/files/etc/ssh/ssh_host_ecdsa_key.{{ myconfig.hostname }}
register: result
tags: [ sshd ]
- name: add ecdsa key to list if found
set_fact:
ssh_host_keyfiles: "{{ ssh_host_keyfiles }} + [ 'etc/ssh/ssh_host_ecdsa_key.{{ myconfig.hostname }}' ]"
when: result.stat.exists == true
tags: [ sshd ]
- name: set SSH host keys
copy:
src: "{{ item }}"
dest: "/{{ item }}"
owner: root
group: root
mode: '0600'
with_items: "{{ ssh_host_keyfiles }}"
register: result
tags: [ sshd ]
- name: remove old SSH host public keys
file:
path: "/{{ item }}.pub"
state: absent
with_items: "{{ ssh_host_keyfiles }}"
when: result is changed
tags: [ sshd ]
- name: regenerate SSH host public keys
shell:
cmd: "ssh-keygen -y -f /{{ item }} > /{{ item }}.pub"
creates: "/{{ item }}.pub"
with_items: "{{ ssh_host_keyfiles }}"
when: result is changed
tags: [ sshd ]