From 5c8994f5e2ac8187f2c7b7a4ba635216bb886871 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Tue, 16 Aug 2022 11:41:13 +0300
Subject: holywood2: set host certificate

Sponsored-by: author
---
 ansible/holywood2.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ansible/holywood2.yml b/ansible/holywood2.yml
index afc95a0..fc3101c 100644
--- a/ansible/holywood2.yml
+++ b/ansible/holywood2.yml
@@ -2,6 +2,7 @@
   remote_user: root
   roles:
     - sane_debian_system
+    - sshd
     - ssd
     - comfortable-debian-system
     - version-controller
@@ -48,3 +49,8 @@
     smarthost_password: "{{ lookup('pipe', 'pass show pieni.net/pienirelay') }}"
 
     letsencrypt: no
+
+    sshd_version: 1
+    sshd_host_key: "{{ lookup('pipe', 'sshca host private-key holywood2') }}"
+    sshd_host_cert: "{{ lookup('pipe', 'sshca host certify liw.fi/ca/host/v3 holywood2') }}"
+    sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v3') }}"
-- 
cgit v1.2.1