diff options
author | Lars Wirzenius <liw@liw.fi> | 2023-09-18 06:45:09 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2023-09-18 06:45:09 +0300 |
commit | 373ff634e83dfd131fe2c47106da15be82d597c6 (patch) | |
tree | a652cbb2e3630c49ef6ed6738dccd932e8e397d4 | |
parent | 146d3f446353a2af73651b4779df87b975c27740 (diff) | |
download | ansibleness-373ff634e83dfd131fe2c47106da15be82d597c6.tar.gz |
more hosts using the default sshd_ variables when possible
Sponsored-by: author
-rw-r--r-- | ansible/ambient-dev.yml | 3 | ||||
-rw-r--r-- | ansible/atuin.liw.fi.yml | 8 | ||||
-rw-r--r-- | ansible/x220.yml | 3 |
3 files changed, 8 insertions, 6 deletions
diff --git a/ansible/ambient-dev.yml b/ansible/ambient-dev.yml index 202fa8a..d0116c5 100644 --- a/ansible/ambient-dev.yml +++ b/ansible/ambient-dev.yml @@ -42,7 +42,4 @@ signing_key: "{{ ci_prod_signing_key }}" sshd_version: 1 - sshd_host_key: "{{ lookup('pipe', 'sshca host private-key {{ sane_debian_system_hostname }}') }}" - sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 {{ sane_debian_system_hostname }}') }}" - sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v5') }}" diff --git a/ansible/atuin.liw.fi.yml b/ansible/atuin.liw.fi.yml index 6aaf296..7c7c55e 100644 --- a/ansible/atuin.liw.fi.yml +++ b/ansible/atuin.liw.fi.yml @@ -77,6 +77,10 @@ ferm_iface_ext: "{{ bridge_nic }}" + # We must define the sshd variables here. The defaults from the + # "all" group assume sshca knows the host by the + # sane_debian_system_hostname name, which isn't true for this + # host. sshd_version: 1 sshd_host_key: "{{ lookup('pipe', 'sshca host private-key atuin.liw.fi') }}" sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 atuin.liw.fi') }}" @@ -207,6 +211,10 @@ smarthost_password: "{{ lookup('pipe', 'pass show pieni.net/pienirelay') }}" relayhost: pieni.net:587 + # We must define the sshd variables here. The defaults from the + # "all" group assume sshca knows the host by the + # sane_debian_system_hostname name, which isn't true for this + # host. sshd_version: 1 sshd_host_key: "{{ lookup('pipe', 'sshca host private-key nalanda.liw.fi') }}" sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 nalanda.liw.fi') }}" diff --git a/ansible/x220.yml b/ansible/x220.yml index b65bc1f..a25eb67 100644 --- a/ansible/x220.yml +++ b/ansible/x220.yml @@ -53,9 +53,6 @@ comment: Lars Wirzenius sshd_version: 1 - sshd_host_key: "{{ lookup('pipe', 'sshca host private-key x220') }}" - sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 x220') }}" - sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v5') }}" puomi_lan_ip: 10.3.3.1 puomi_dhcp_start: 10.3.3.10 |