diff options
author | Lars Wirzenius <liw@liw.fi> | 2023-09-18 06:36:36 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2023-09-18 06:36:36 +0300 |
commit | 789f8349d63c6e94d6013c400f52f415f992b780 (patch) | |
tree | 32adf4fa99cec40d793674bc43aed65e7303e29e | |
parent | 9aceeff0407cd60dca0acb8d3bbeb910e642cb0c (diff) | |
download | ansibleness-789f8349d63c6e94d6013c400f52f415f992b780.tar.gz |
refactor: use sshd_* vars from all group, when possible
Sponsored-by: author
-rw-r--r-- | ansible/holywood2.yml | 3 | ||||
-rw-r--r-- | ansible/irc.liw.fi.yml | 4 | ||||
-rw-r--r-- | ansible/shell-shell.vm.liw.fi.yml | 4 |
3 files changed, 8 insertions, 3 deletions
diff --git a/ansible/holywood2.yml b/ansible/holywood2.yml index e63a38c..9cf1c10 100644 --- a/ansible/holywood2.yml +++ b/ansible/holywood2.yml @@ -52,6 +52,3 @@ letsencrypt: no sshd_version: 1 - sshd_host_key: "{{ lookup('pipe', 'sshca host private-key holywood2') }}" - sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 holywood2') }}" - sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v5') }}" diff --git a/ansible/irc.liw.fi.yml b/ansible/irc.liw.fi.yml index 19abdab..3e094c3 100644 --- a/ansible/irc.liw.fi.yml +++ b/ansible/irc.liw.fi.yml @@ -29,6 +29,10 @@ authorized_keys: | {{ liw_personal_ssh_pub }} + # We must define the sshd variables here. The defaults from the + # "all" group assume sshca knows the host by the + # sane_debian_system_hostname name, which isn't true for this + # host. sshd_version: 1 sshd_host_key: "{{ lookup('pipe', 'sshca host private-key irc.liw.fi') }}" sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 irc.liw.fi') }}" diff --git a/ansible/shell-shell.vm.liw.fi.yml b/ansible/shell-shell.vm.liw.fi.yml index 0f01bd0..b6593e8 100644 --- a/ansible/shell-shell.vm.liw.fi.yml +++ b/ansible/shell-shell.vm.liw.fi.yml @@ -39,6 +39,10 @@ mail_hostname: pieni.net + # We must define the sshd variables here. The defaults from the + # "all" group assume sshca knows the host by the + # sane_debian_system_hostname name, which isn't true for this + # host. sshd_version: 1 sshd_host_key: "{{ lookup('pipe', 'sshca host private-key shell-shell.vm.liw.fi') }}" sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 shell-shell.vm.liw.fi') }}" |