proxy_settings_no_proxy: "{{ lookup('env','no_proxy') }}"
tasks:
- - name: Configure SSH key for root user
- user:
- name: root
- generate_ssh_key: yes
- ssh_key_bits: 2048
- ssh_key_comment: xci
- ssh_key_type: rsa
- state: present
-
- name: Copy releng-xci to remote host
synchronize:
src: "{{ xci_path }}/"
dest: "{{ xci_path }}/.cache/openrc"
flat: true
- - name: Determine local user
- become: no
- local_action: command whoami
- changed_when: False
- register: _ansible_user
-
- - name: Fetch local SSH key
- delegate_to: localhost
- become: no
- slurp:
- src: "/home/{{ _ansible_user.stdout }}/.ssh/id_rsa.pub"
- register: _local_ssh_key
-
- - name: Configure OPNFV authorized_keys file
- authorized_key:
- exclusive: yes
- user: root
- state: present
- manage_dir: yes
- comment: "{{ _ansible_user.stdout }} key"
- key: "{{ _local_ssh_key['content'] | b64decode }}"
+ - name: Manage SSH keys
+ include_tasks: "{{ xci_path }}/xci/playbooks/manage-ssh-keys.yml"
- xci_ceph_enabled == "true"
- "'compute' in group_names"
tasks:
- - name: Determine local user
- become: no
- local_action: command whoami
- changed_when: False
- register: _ansible_user
-
- - name: Fetch local SSH key
- delegate_to: localhost
- become: no
- slurp:
- src: "/home/{{ _ansible_user.stdout }}/.ssh/id_rsa.pub"
- register: _local_ssh_key
-
- - name: Fetch OPNFV SSH key
- delegate_to: opnfv
- slurp:
- src: "{{ ansible_env.HOME }}/.ssh/id_rsa.pub"
- register: _opnfv_ssh_key
-
- - name: "Configure {{ inventory_hostname }} authorized_keys file"
- authorized_key:
- exclusive: "{{ item.exclusive }}"
- user: root
- state: present
- manage_dir: yes
- key: "{{ item.key }}"
- comment: "{{ item.comment }}"
- with_items:
- - { key: "{{ _local_ssh_key['content'] | b64decode }}", comment: "{{ _ansible_user.stdout }} key", exclusive: yes }
- - { key: "{{ _opnfv_ssh_key['content'] | b64decode }}", comment: "opnfv host key", exclusive: no }
+ - name: Manage SSH keys
+ include_tasks: "{{ xci_path }}/xci/playbooks/manage-ssh-keys.yml"
--- /dev/null
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018 SUSE Linux GmbH and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- name: Configure SSH key for root user
+ user:
+ name: root
+ generate_ssh_key: yes
+ ssh_key_bits: 2048
+ ssh_key_comment: xci
+ ssh_key_type: rsa
+ state: present
+
+- name: Determine local user
+ become: no
+ local_action: command whoami
+ changed_when: False
+ register: _ansible_user
+
+- name: Fetch local SSH key
+ delegate_to: localhost
+ become: no
+ slurp:
+ src: "/home/{{ _ansible_user.stdout }}/.ssh/id_rsa.pub"
+ register: _local_ssh_key
+
+- name: Fetch OPNFV SSH key
+ delegate_to: opnfv
+ slurp:
+ src: "{{ ansible_env.HOME }}/.ssh/id_rsa.pub"
+ register: _opnfv_ssh_key
+
+- name: "Configure {{ inventory_hostname }} authorized_keys file"
+ authorized_key:
+ exclusive: "{{ item.exclusive }}"
+ user: root
+ state: present
+ manage_dir: yes
+ key: "{{ item.key }}"
+ comment: "{{ item.comment }}"
+ with_items:
+ - { key: "{{ _local_ssh_key['content'] | b64decode }}", comment: "{{ _ansible_user.stdout }} key", exclusive: yes }
+ - { key: "{{ _opnfv_ssh_key['content'] | b64decode }}", comment: "opnfv host key", exclusive: no }
Code Review / releng-xci.git / commitdiff