1 files changed, 8 insertions, 4 deletions

diff --git a/ansible/irc.liw.fi.yml b/ansible/irc.liw.fi.yml
index ca6030e..3e094c3 100644
--- a/ansible/irc.liw.fi.yml
+++ b/ansible/irc.liw.fi.yml
@@ -1,4 +1,4 @@
-- hosts: irc
+- hosts: irc.liw.fi
   remote_user: root
   roles:
     - role: sane_debian_system
@@ -12,7 +12,7 @@
 
     sane_debian_system_version: 2
     sane_debian_system_hostname: irc
-    sane_debian_system_codename: bullseye
+    sane_debian_system_codename: bookworm
     sane_debian_system_mirror: deb.debian.org
 
     unix_users_version: 2
@@ -29,7 +29,11 @@
         authorized_keys: |
           {{ liw_personal_ssh_pub }}
 
+    # We must define the sshd variables here. The defaults from the
+    # "all" group assume sshca knows the host by the
+    # sane_debian_system_hostname name, which isn't true for this
+    # host.
     sshd_version: 1
     sshd_host_key: "{{ lookup('pipe', 'sshca host private-key irc.liw.fi') }}"
-    sshd_host_cert: "{{ lookup('pipe', 'sshca host certify liw.fi/ca/host/v4 irc.liw.fi') }}"
-    sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v3') }}"
+    sshd_host_cert: "{{ lookup('pipe', 'sshca host certify --ca liw.fi/ca/host/v5 irc.liw.fi') }}"
+    sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v5') }}"