diff options
author | Lars Wirzenius <liw@liw.fi> | 2022-09-10 09:50:50 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2022-09-10 09:50:50 +0300 |
commit | 0029263b6f7dc06e7f74985dd875add573b9c553 (patch) | |
tree | 9cbac8895adcc5233b95a2286cb80ff55b15c1c9 | |
parent | 2b020e24e4113d221222f0104cfda6a9a9ea47f7 (diff) | |
download | ansibleness-0029263b6f7dc06e7f74985dd875add573b9c553.tar.gz |
http.liw.fi: set SSH host certificate
Sponsored-by: author
-rw-r--r-- | ansible/http.liw.fi.yml | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/ansible/http.liw.fi.yml b/ansible/http.liw.fi.yml index dde7574..ed409ff 100644 --- a/ansible/http.liw.fi.yml +++ b/ansible/http.liw.fi.yml @@ -2,6 +2,7 @@ remote_user: root roles: - role: sane_debian_system + - role: sshd - role: unix_users - role: apache_server - role: comfortable-debian-system @@ -282,3 +283,8 @@ owner: liw ownermail: liw@liw.fi letsencrypt: no + + sshd_version: 1 + sshd_host_key: "{{ lookup('pipe', 'sshca host private-key http.liw.fi') }}" + sshd_host_cert: "{{ lookup('pipe', 'sshca host certify liw.fi/ca/host/v4 http.liw.fi') }}" + sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v3') }}" |