diff options
Diffstat (limited to 'ansible/irc.liw.fi.yml')
-rw-r--r-- | ansible/irc.liw.fi.yml | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/ansible/irc.liw.fi.yml b/ansible/irc.liw.fi.yml index ca6030e..3e094c3 100644 --- a/ansible/irc.liw.fi.yml +++ b/ansible/irc.liw.fi.yml @@ -1,4 +1,4 @@ -- hosts: irc +- hosts: irc.liw.fi remote_user: root roles: - role: sane_debian_system @@ -12,7 +12,7 @@ sane_debian_system_version: 2 sane_debian_system_hostname: irc - sane_debian_system_codename: bullseye + sane_debian_system_codename: bookworm sane_debian_system_mirror: deb.debian.org unix_users_version: 2 @@ -29,7 +29,11 @@ authorized_keys: | {{ liw_personal_ssh_pub }} + # We must define the sshd variables here. The defaults from the + # "all" group assume sshca knows the host by the + # sane_debian_system_hostname name, which isn't true for this + # host. sshd_version: 1 sshd_host_key: "{{ lookup('pipe', 'sshca host private-key irc.liw.fi') }}" - sshd_host_cert: "{{ lookup('pipe', 'sshca host certify liw.fi/ca/host/v4 irc.liw.fi') }}" - sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v3') }}" + sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 irc.liw.fi') }}" + sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v5') }}" |