diff options
| author | Lars Wirzenius <liw@liw.fi> | 2016-04-16 13:52:33 +0300 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2016-04-16 13:52:33 +0300 |
| commit | 247e400a8af284b0cbea7c0cf8f306b4918a67a5 (patch) | |
| tree | 6f5e8d6d322602c227bd7602887e5024a4984030 | |
| parent | 9f8affaac116a9a45fc8b6ec7a4ee0e96a5ecf57 (diff) | |
| download | ansibleness-247e400a8af284b0cbea7c0cf8f306b4918a67a5.tar.gz | |
Deploy sshforward keypair to holywood
| -rw-r--r-- | ansible/roles/sshforwarder/tasks/main.yml | 13 | ||||
| -rwxr-xr-x | ansible/run-playbook | 16 | ||||
| -rw-r--r-- | ansible/servers.yml | 3 | ||||
| -rw-r--r-- | ansible/ssh_keypairs/.gpg-id | 1 | ||||
| -rw-r--r-- | ansible/ssh_keypairs/sshforward/holywood.gpg | bin | 0 -> 2257 bytes | |||
| -rw-r--r-- | ansible/ssh_keypairs/sshforward/holywood.pub.gpg | bin | 0 -> 974 bytes |
6 files changed, 33 insertions, 0 deletions
diff --git a/ansible/roles/sshforwarder/tasks/main.yml b/ansible/roles/sshforwarder/tasks/main.yml index 5901489..7552b8f 100644 --- a/ansible/roles/sshforwarder/tasks/main.yml +++ b/ansible/roles/sshforwarder/tasks/main.yml @@ -2,6 +2,19 @@ - user: name: sshforward +- copy: + content: "{{ sshforward_key }}" + dest: /home/sshforward/.ssh/id_rsa + owner: sshforward + group: sshforward + mode: 0600 +- copy: + content: "{{ sshforward_key_pub }}" + dest: /home/sshforward/.ssh/id_rsa.pub + owner: sshforward + group: sshforward + mode: 0644 + - name: forward ssh to pieni.net template: src: sshforward.service diff --git a/ansible/run-playbook b/ansible/run-playbook new file mode 100755 index 0000000..bfd7331 --- /dev/null +++ b/ansible/run-playbook @@ -0,0 +1,16 @@ +#!/bin/sh + +set -eu + +abspath() +{ + (cd "$1" && pwd) +} + +srcdir() +{ + abspath "$(dirname "$0")" +} + +export PASSWORD_STORE_DIR="$(srcdir)"/ssh_keypairs +ansible-playbook -i hosts "$@" diff --git a/ansible/servers.yml b/ansible/servers.yml index 468dd8a..0eb248a 100644 --- a/ansible/servers.yml +++ b/ansible/servers.yml @@ -5,6 +5,9 @@ vars: debian_mirror: http://ftp.fi.debian.org/debian debian_mirror_src: http://httpredir.debian.org/debian + sshforward_key: "{{ lookup('pipe', 'pass show sshforward/holywood') }}" + sshforward_key_pub: > + "{{ lookup('pipe', 'pass show sshforward/holywood.pub') }}" sshforward_port: 22022 roles: - apt-setup diff --git a/ansible/ssh_keypairs/.gpg-id b/ansible/ssh_keypairs/.gpg-id new file mode 100644 index 0000000..374577f --- /dev/null +++ b/ansible/ssh_keypairs/.gpg-id @@ -0,0 +1 @@ +DBE5439D97D8262664A1B01844E17740B8611E9C diff --git a/ansible/ssh_keypairs/sshforward/holywood.gpg b/ansible/ssh_keypairs/sshforward/holywood.gpg Binary files differnew file mode 100644 index 0000000..c856dff --- /dev/null +++ b/ansible/ssh_keypairs/sshforward/holywood.gpg diff --git a/ansible/ssh_keypairs/sshforward/holywood.pub.gpg b/ansible/ssh_keypairs/sshforward/holywood.pub.gpg Binary files differnew file mode 100644 index 0000000..91f2837 --- /dev/null +++ b/ansible/ssh_keypairs/sshforward/holywood.pub.gpg |