diff options
| author | Lars Wirzenius <liw@liw.fi> | 2022-09-10 09:59:46 +0300 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2022-09-10 09:59:46 +0300 |
| commit | 7ccd0289f195d9ebd1ab0007bc9548b3088d609a (patch) | |
| tree | fa4e30fc3ce0de54dc2d95f6f730d5e07ce20293 | |
| parent | 0029263b6f7dc06e7f74985dd875add573b9c553 (diff) | |
| download | ansibleness-7ccd0289f195d9ebd1ab0007bc9548b3088d609a.tar.gz | |
shell-shell.vm.liw.fi: install an SSH host certificate
Sponsored-by: author
| -rw-r--r-- | ansible/shell-shell.vm.liw.fi.yml | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/ansible/shell-shell.vm.liw.fi.yml b/ansible/shell-shell.vm.liw.fi.yml index 68a6db1..63b63f4 100644 --- a/ansible/shell-shell.vm.liw.fi.yml +++ b/ansible/shell-shell.vm.liw.fi.yml @@ -2,6 +2,7 @@ remote_user: root roles: - role: sane_debian_system + - role: sshd - role: comfortable-debian-system - role: unix_users - role: linkchecker @@ -37,3 +38,8 @@ smarthost_pass_name: pieni.net/smarthost_pass mail_hostname: pieni.net + + sshd_version: 1 + sshd_host_key: "{{ lookup('pipe', 'sshca host private-key shell-shell.vm.liw.fi') }}" + sshd_host_cert: "{{ lookup('pipe', 'sshca host certify liw.fi/ca/host/v4 shell-shell.vm.liw.fi') }}" + sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v3') }}" |