WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-20 12:07:34 +08:00
Code Issues Packages Projects Releases Wiki Activity

for initial installs use gathered ssh host key, then remove and use signed ones

Browse Source
This commit is contained in:
Kevin Fenzi
2017-09-04 17:24:51 +00:00
parent 585dba2a76
commit 6b1fc4d83f
2 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/basessh/tasks/main.yml
View File

@@ -172,3 +172,9 @@
- config
- sshd
- base
- name: make sure there is no old ssh host key for the host still around
local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent
ignore_errors: True
with_items:
- /root/.ssh/known_hosts

14
tasks/virt_instance_create.yml
View File

@@ -76,6 +76,13 @@
tags:
- armv7-kernel
- name: make sure there is no old ssh host key for the host still around
local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent
ignore_errors: True
with_items:
- /root/.ssh/known_hosts
when: inventory_hostname not in result.list_vms
- name: (osbs-control01.stg) make sure there is no old ssh host key for the host still around
known_hosts: path={{item}} host={{ inventory_hostname }} state=absent
ignore_errors: True
@@ -104,6 +111,13 @@
register: hostkey
when: inventory_hostname not in result.list_vms
- name: add new ssh host key (until we can sign it)
local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}" host={{ inventory_hostname }} state=present
ignore_errors: True
with_items:
- /root/.ssh/known_hosts
when: inventory_hostname not in result.list_vms
- name: (osbs-control01.stg) add new ssh host key
known_hosts: path={{item}} key="{{ hostkey.stdout }}" host={{ inventory_hostname }} state=present
ignore_errors: True