diff options
Diffstat (limited to 'ansible/atuin.liw.fi.yml')
| -rw-r--r-- | ansible/atuin.liw.fi.yml | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/ansible/atuin.liw.fi.yml b/ansible/atuin.liw.fi.yml index 46c78e8..8987e5b 100644 --- a/ansible/atuin.liw.fi.yml +++ b/ansible/atuin.liw.fi.yml @@ -10,7 +10,7 @@ - comfortable-debian-system - unix_users - storage_system - - smarthost-client + - mail-client - vmhost-minimal tasks: - name: "install additional packages" @@ -77,9 +77,13 @@ ferm_iface_ext: "{{ bridge_nic }}" + # We must define the sshd variables here. The defaults from the + # "all" group assume sshca knows the host by the + # sane_debian_system_hostname name, which isn't true for this + # host. sshd_version: 1 sshd_host_key: "{{ lookup('pipe', 'sshca host private-key atuin.liw.fi') }}" - sshd_host_cert: "{{ lookup('pipe', 'sshca host certify liw.fi/ca/host/v5 atuin.liw.fi') }}" + sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 atuin.liw.fi') }}" sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v5') }}" - hosts: nalanda @@ -100,14 +104,14 @@ group: root mode: 0644 roles: - - sshd +# - sshd - role: ferm-firewalled tags: [ferm] - sane_debian_system - self-updating-system - comfortable-debian-system - unix_users - - smarthost-client + - mail-client tasks: - name: "install additional packages" apt: @@ -207,9 +211,13 @@ smarthost_password: "{{ lookup('pipe', 'pass show pieni.net/pienirelay') }}" relayhost: pieni.net:587 + # We must define the sshd variables here. The defaults from the + # "all" group assume sshca knows the host by the + # sane_debian_system_hostname name, which isn't true for this + # host. sshd_version: 1 sshd_host_key: "{{ lookup('pipe', 'sshca host private-key nalanda.liw.fi') }}" - sshd_host_cert: "{{ lookup('pipe', 'sshca host certify liw.fi/ca/host/v5 nalanda.liw.fi') }}" + sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 nalanda.liw.fi') }}" sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v5') }}" # - hosts: gregvm |