Wed, 14 Jun 2017 22:34:52 -0400
simplify hostkeys
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -6,9 +6,3 @@
 gui_session: "i3"
 dotfiles_default: https://bitbucket.org/merrilymeredith/dotfiles
 dotfiles_default_push: ssh://mhoward@roomag.org/proj/dotfiles
-
-hostkeys:
- roomag.org:
- "|1|9luVS5b1COPzsVIoHy3SZyFO7+w=|ofEQRdPBaHKq635vwgADi4+o8cM= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIlCnrGFQ7LiR4HPUv11Qp9d4vhctwqihA4+TBnYORm088OZMyC9WcqcsD5uOKrLSjireBmxEDMat0W7rKgJnpo="
- ramdas.roomag.org:
- "|1|9luVS5b1COPzsVIoHy3SZyFO7+w=|ofEQRdPBaHKq635vwgADi4+o8cM= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIlCnrGFQ7LiR4HPUv11Qp9d4vhctwqihA4+TBnYORm088OZMyC9WcqcsD5uOKrLSjireBmxEDMat0W7rKgJnpo="
new file mode 100644
--- /dev/null
+++ b/roles/devbox/files/ssh_hosts
@@ -0,0 +1,2 @@
+roomag.org
+ramdas.roomag.org
new file mode 100644
--- /dev/null
+++ b/roles/devbox/files/ssh_known_hosts
@@ -0,0 +1,4 @@
+|1|a6QxwLaJ1qHO7XRMHOvI1N0dEs4=|uPAhdR4hD0e0Dx5BSCaGuO7y/FE= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJfQNs49+CoRbiWO242lYWvS5XGXnVFC4oDlQecnr7MuNy1qzxwJ4fyY2dUcBPK3rs7BrHovGjbBZXdHUHRzGzbmmRSdb6ERpLQK2nK6W1XQUbFXgAVIsENTuPP2qStC5Mt32dHM7YmUG0KwarXLPYmjxhbbVmL2K5mzQaW/sKjF9sqXCBed9kzsa6PHNetZaG9Jz31mv5XaMMEBmvWOCzJMDi6Npz8eSoAL/tF6B0MUdksudflTX9TSnWPaaR3f4Q6+8V+zEtGVo91y3wgeJQuTxSzUsLDw9zOp4gQZXHFyBYZHIxKcQza8Mf344VjEQo9Xk9cO5wmJGXK60gOoAr
+|1|v2rlY21eHES2vnhDomLX7a5YFWA=|rNCDyWBIcy6ut87GIETo1KYjrpk= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIlCnrGFQ7LiR4HPUv11Qp9d4vhctwqihA4+TBnYORm088OZMyC9WcqcsD5uOKrLSjireBmxEDMat0W7rKgJnpo=
+|1|x06vlm4S0AK+kAR4EHDtJIHTZUw=|tFegqajERBOgblFwlbDzC4gzuco= ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJfQNs49+CoRbiWO242lYWvS5XGXnVFC4oDlQecnr7MuNy1qzxwJ4fyY2dUcBPK3rs7BrHovGjbBZXdHUHRzGzbmmRSdb6ERpLQK2nK6W1XQUbFXgAVIsENTuPP2qStC5Mt32dHM7YmUG0KwarXLPYmjxhbbVmL2K5mzQaW/sKjF9sqXCBed9kzsa6PHNetZaG9Jz31mv5XaMMEBmvWOCzJMDi6Npz8eSoAL/tF6B0MUdksudflTX9TSnWPaaR3f4Q6+8V+zEtGVo91y3wgeJQuTxSzUsLDw9zOp4gQZXHFyBYZHIxKcQza8Mf344VjEQo9Xk9cO5wmJGXK60gOoAr
+|1|7yhwqYSN8fkAhVRXfS2POYRhpHY=|jk8c9eRExFVt2VD0Xql3Z7GekRA= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIlCnrGFQ7LiR4HPUv11Qp9d4vhctwqihA4+TBnYORm088OZMyC9WcqcsD5uOKrLSjireBmxEDMat0W7rKgJnpo=
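Review bot: The four pinned entries are stored in hashed form (`|1|salt|hash`), so nobody reading this file can tell which line pins which name, while `roles/devbox/files/ssh_hosts` in the same commit lists both names in clear. Within the repository the hashing therefore hides nothing and only makes a stale or wrong pin harder to spot in review. Nothing visible in the commit shows how the file was produced; if it came from a network scan, the key fingerprints should be compared with ones read on the hosts themselves before the file is distributed as a system-wide trust anchor. A leading comment line would record that, for example `# generated from roles/devbox/files/ssh_hosts; fingerprints verified on the hosts on <date>`.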
--- a/roles/devbox/tasks/main.yml
+++ b/roles/devbox/tasks/main.yml
@@ -3,20 +3,9 @@
 - include: dist-debian.yml
 when: ansible_os_family == 'Debian'
 
-- name: "ssh : Ensure known_hosts keys"
- lineinfile:
+- name: "ssh : Sync system ssh_known_hosts"
+ copy:
+ src: ssh_known_hosts
 dest: /etc/ssh/ssh_known_hosts
- state: present
- line: "{{item.value}}"
- create: true
 mode: 0644
- with_dict: "{{hostkeys}}"
 tags: ssh
-
-- name: "ssh : Purge invalid known_hosts keys"
- lineinfile:
- dest: /etc/ssh/ssh_known_hosts
- state: absent
- line: "{{item.value}}"
- with_dict: "{{hostkeys_removed}}"
- tags: ssh
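Review bot: The new `copy` task makes the role's file the entire content of `/etc/ssh/ssh_known_hosts`, so any host key placed there by another role or by hand is silently dropped on the next run, whereas the removed `lineinfile` tasks only touched individual lines. If the file is meant to be authoritative, a comment above the task should say so, e.g. `# authoritative: replaces the whole file, add new pins to files/ssh_known_hosts`. The task sets `mode` but no ownership, so the trust file presumably keeps whatever owner the destination already has; I would pin it with `owner: root` and `group: root`. The retained `mode: 0644` is an unquoted YAML integer that relies on octal parsing, and `mode: "0644"` states the intent without that dependency.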