authorLars Wirzenius <liw@liw.fi>2023-06-08 21:46:52 +0300
committerLars Wirzenius <liw@liw.fi>2023-06-08 21:46:52 +0300
commita001ecdef4212457874ad970530a010875c449f9 (patch)
tree56e2d4a6b1e00e3e2983d0cddbad48009cfed279 /v-i
parent83dbbed6ef9a08d904db9ddc5eb019224bf273e1 (diff)
upliw0: to bookworm
Sponsored-by: author
Diffstat (limited to 'v-i')
-rwxr-xr-xv-i/hostid.py73
-rw-r--r--v-i/upliw-spec.yaml2
2 files changed, 1 insertions, 74 deletions
diff --git a/v-i/hostid.py b/v-i/hostid.py
index e816721..e69de29 100755
--- a/v-i/hostid.py
+++ b/v-i/hostid.py
@@ -1,73 +0,0 @@
-#!/usr/bin/python3
-
-import argparse
-import yaml
-import sys
-from subprocess import run, PIPE
-
-
-DEFAULT_HOST_CA = "liw.fi/ca/host/v5"
-DEFAULT_USER_CA = "liw.fi/ca/user/v5"
-
-
-class HostId:
- def __init__(self):
- self.user_ca_pubkey = None
- self.host_key = None
- self.host_cert = None
-
- def set_user_ca_pubkey(self, value):
- self.user_ca_pubkey = value
-
- def set_host_key(self, value):
- self.host_key = value
-
- def set_host_cert(self, value):
- self.host_cert = value
-
- def to_dict(self):
- return {
- "user_ca_pubkey": self.user_ca_pubkey,
- "host_key": self.host_key,
- "host_cert": self.host_cert,
- }
-
-
-def sshca(args):
- p = run(["sshca"] + args, capture_output=True, check=True)
- return p.stdout.decode().strip()
-
-
-def user_ca_pubkey(ca_name):
- return sshca(["ca", "public-key", ca_name]).strip()
-
-
-def host_key(hostname):
- sshca(["host", "regenerate", hostname])
- return sshca(["host", "private-key", hostname]).strip()
-
-
-def host_cert(ca_name, hostname):
- return sshca(["host", "certify", ca_name, hostname]).strip()
-
-
-def main():
- parser = argparse.ArgumentParser()
- parser.add_argument("--hostname", required=True)
- parser.add_argument("--host-ca", default=DEFAULT_HOST_CA)
- parser.add_argument("--user-ca", default=DEFAULT_USER_CA)
- values = parser.parse_args()
-
- hostname = values.hostname
- host_ca = values.host_ca
- user_ca = values.user_ca
-
- hostid = HostId()
- hostid.set_user_ca_pubkey(user_ca_pubkey(user_ca))
- hostid.set_host_key(host_key(hostname))
- hostid.set_host_cert(host_cert(host_ca, hostname))
- yaml.safe_dump(hostid.to_dict(), stream=sys.stdout, indent=4)
-
-
-if __name__ == "__main__":
- main()
diff --git a/v-i/upliw-spec.yaml b/v-i/upliw-spec.yaml
index 155de3f..aead751 100644
--- a/v-i/upliw-spec.yaml
+++ b/v-i/upliw-spec.yaml
@@ -3,7 +3,7 @@ luks: asdf
drive: /dev/nvme0n1
extra_lvs:
- name: home
- size: 10G
+ size: 100G
mounted: /home
ansible_vars_files:
- hostid.yml
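Review bot: `ansible_vars_files` still lists `hostid.yml` at the end of this hunk, while the same commit reduces `v-i/hostid.py` to an empty file that keeps mode 100755 (new blob `e69de29`) instead of deleting it. The removed script printed `user_ca_pubkey`, `host_key` and `host_cert` as YAML, so it presumably produced that vars file; if anything still invokes it, an empty executable may exit successfully and yield an empty `hostid.yml` rather than failing loudly. Either remove the script outright and note in the commit message how `hostid.yml` is generated now, or drop the entry here. Separately, the hunk header shows `luks: asdf`; if that is a real passphrase rather than a placeholder replaced at install time, it should not be committed in the spec.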