author | Emil Renner Berthing <esmil@labitat.dk> | 2018-09-26 15:18:26 +0200 |
---|---|---|
committer | Emil Renner Berthing <esmil@labitat.dk> | 2018-09-30 19:39:54 +0200 |
commit | 125d5a727d78863d8f9c2f5906425e0b1eb26651 (patch) | |
tree | 8bd784f877aaea45344095e8e20af686355899ab | |
parent | 8e5916ac7ef161432abedd8c6948a8db2b5c8169 (diff) | |
space_server: sshd: keep host keys in secrets.yml
-rw-r--r-- | roles/space_server/tasks/sshd.yml | 24 | ||||
-rw-r--r-- | space.yml | 3 |
2 files changed, 25 insertions, 2 deletions
diff --git a/roles/space_server/tasks/sshd.yml b/roles/space_server/tasks/sshd.yml
index aaf6452..63f3367 100644
--- a/roles/space_server/tasks/sshd.yml
+++ b/roles/space_server/tasks/sshd.yml
@@ -6,6 +6,30 @@
 tags:
 - packages
+- name: Create private host keys
+ copy:
+ dest: '/etc/ssh/{{ item.key }}'
+ content: '{{ item.value.private }}'
+ owner: root
+ group: ssh_keys
+ mode: 0640
+ with_dict: '{{ ssh_host_keys }}'
+ loop_control:
+ label: '/etc/ssh/{{ item.key }}'
+ when: ssh_host_keys is defined
+
+- name: Create public host keys
+ copy:
+ dest: '/etc/ssh/{{ item.key }}.pub'
+ content: '{{ item.value.public }}'
+ owner: root
+ group: root
+ mode: 0644
+ with_dict: '{{ ssh_host_keys }}'
+ loop_control:
+ label: '/etc/ssh/{{ item.key }}.pub'
+ when: ssh_host_keys is defined
+
 - name: Configure sshd
 lineinfile:
 path: '/etc/ssh/sshd_config'
@@ -12,8 +12,7 @@
 - /etc/ansible/secrets.yml
 - secrets.yml
 skip: true
- tags:
- - radius
+ tags: always
 roles:
 - space_server |
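Review bot: The `Create private host keys` task writes `item.value.private` through `copy: content:` without `no_log: true`, so the key material can still be shown when the play runs with `--diff` or with verbose output; the `loop_control` label only shortens the per-item line. I would add `no_log: true` to that task, or at least `diff: false`. The unquoted `mode: 0640` and `mode: 0644` depend on the parser reading a leading-zero octal, and `mode: '0640'` / `mode: '0644'` removes that dependency. Because private host keys now live in secrets.yml, it is worth confirming that the file is vault-encrypted and kept out of the repository, which is not visible from this hunk.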
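Review bot: The switch to `tags: always` carries no comment explaining it, and the reason cannot be read from space.yml alone: presumably the secrets now also feed the `ssh_host_keys` tasks in roles/space_server/tasks/sshd.yml, which run under tags other than `radius`. A comment above the line, such as `# always: secrets are needed by roles under any tag (ssh_host_keys in space_server)`, would record that. With `skip: true` kept, a missing secrets file is ignored silently and the host-key tasks are then skipped by their `when:` guard, which may be intended but deserves a word in the same comment. The task these lines belong to starts outside the hunk.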