summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLars Wirzenius <liw@liw.fi>2022-09-10 09:50:50 +0300
committerLars Wirzenius <liw@liw.fi>2022-09-10 09:50:50 +0300
commit0029263b6f7dc06e7f74985dd875add573b9c553 (patch)
tree9cbac8895adcc5233b95a2286cb80ff55b15c1c9
parent2b020e24e4113d221222f0104cfda6a9a9ea47f7 (diff)
downloadansibleness-0029263b6f7dc06e7f74985dd875add573b9c553.tar.gz
http.liw.fi: set SSH host certificate
Sponsored-by: author
-rw-r--r--ansible/http.liw.fi.yml6
1 files changed, 6 insertions, 0 deletions
diff --git a/ansible/http.liw.fi.yml b/ansible/http.liw.fi.yml
index dde7574..ed409ff 100644
--- a/ansible/http.liw.fi.yml
+++ b/ansible/http.liw.fi.yml
@@ -2,6 +2,7 @@
remote_user: root
roles:
- role: sane_debian_system
+ - role: sshd
- role: unix_users
- role: apache_server
- role: comfortable-debian-system
@@ -282,3 +283,8 @@
owner: liw
ownermail: liw@liw.fi
letsencrypt: no
+
+ sshd_version: 1
+ sshd_host_key: "{{ lookup('pipe', 'sshca host private-key http.liw.fi') }}"
+ sshd_host_cert: "{{ lookup('pipe', 'sshca host certify liw.fi/ca/host/v4 http.liw.fi') }}"
+ sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v3') }}"