diff options
author | Lars Wirzenius <liw@liw.fi> | 2022-09-10 10:07:51 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2022-09-10 10:07:51 +0300 |
commit | 067ee8bc4e65bb0a4ebcb359d7398cd47801922c (patch) | |
tree | 79454b3ed82af3a231405344bf2aacbc58c691ee | |
parent | 7ccd0289f195d9ebd1ab0007bc9548b3088d609a (diff) | |
download | ansibleness-067ee8bc4e65bb0a4ebcb359d7398cd47801922c.tar.gz |
irc.liw.fi: install SSH host certificate
Sponsored-by: author
-rw-r--r-- | ansible/irc.liw.fi.yml | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/ansible/irc.liw.fi.yml b/ansible/irc.liw.fi.yml index 54a50c5..ca6030e 100644 --- a/ansible/irc.liw.fi.yml +++ b/ansible/irc.liw.fi.yml @@ -2,6 +2,7 @@ remote_user: root roles: - role: sane_debian_system + - role: sshd - role: comfortable-debian-system - role: unix_users - role: self-updating-system @@ -27,3 +28,8 @@ comment: Lars Wirzenius authorized_keys: | {{ liw_personal_ssh_pub }} + + sshd_version: 1 + sshd_host_key: "{{ lookup('pipe', 'sshca host private-key irc.liw.fi') }}" + sshd_host_cert: "{{ lookup('pipe', 'sshca host certify liw.fi/ca/host/v4 irc.liw.fi') }}" + sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v3') }}" |