exolobe2: set host certificate

Sponsored-by: author
author: Lars Wirzenius <liw@liw.fi> 2022-08-16 11:37:34 +0300
committer: Lars Wirzenius <liw@liw.fi> 2022-08-16 11:37:34 +0300
commit: 77a6bd0b376d5be102f151ab53edcea233efce82 (patch)
tree: fc8072bc8b376bdca496d4b3d52f461c6a6c0c4f /ansible/exolobe2.yml
parent: 0382c8c2fc5ac42f349c6c99748a098e80ff20de (diff)
download: ansibleness-77a6bd0b376d5be102f151ab53edcea233efce82.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/ansible/exolobe2.yml b/ansible/exolobe2.yml
index 8330d17..4d0f291 100644
--- a/ansible/exolobe2.yml
+++ b/ansible/exolobe2.yml
@@ -3,6 +3,7 @@
   become: yes
   roles:
     - sane_debian_system
+    - sshd
     - ssd
     - comfortable-debian-system
     - unix_users
@@ -47,3 +48,8 @@
     smarthost: pieni.net
     smarthost_user: pienirelay
     smarthost_password: "{{ lookup('pipe', 'pass show pieni.net/pienirelay') }}"
+
+    sshd_version: 1
+    sshd_host_key: "{{ lookup('pipe', 'sshca host private-key exolobe2') }}"
+    sshd_host_cert: "{{ lookup('pipe', 'sshca host certify liw.fi/ca/host/v3 exolobe2') }}"
+    sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v3') }}"
author	Lars Wirzenius <liw@liw.fi>	2022-08-16 11:37:34 +0300
committer	Lars Wirzenius <liw@liw.fi>	2022-08-16 11:37:34 +0300
commit	77a6bd0b376d5be102f151ab53edcea233efce82 (patch)
tree	fc8072bc8b376bdca496d4b3d52f461c6a6c0c4f /ansible/exolobe2.yml
parent	0382c8c2fc5ac42f349c6c99748a098e80ff20de (diff)
download	ansibleness-77a6bd0b376d5be102f151ab53edcea233efce82.tar.gz