From 3cabf7f6815fea90fec8d7abc770e4ed9fa028da Mon Sep 17 00:00:00 2001
From: Timo Makinen
Date: Sun, 30 Oct 2022 22:00:08 +0000
Subject: [PATCH] Move ssh public keys to own files
---
files/ssh/adm.pub | 1 +
files/ssh/backup.pub | 1 +
files/ssh/logsync.pub | 1 +
group_vars/all.yml | 6 ++----
playbooks/include/deploy-kvm-guest.yml | 2 +-
5 files changed, 6 insertions(+), 5 deletions(-)
create mode 100644 files/ssh/adm.pub
create mode 100644 files/ssh/backup.pub
create mode 100644 files/ssh/logsync.pub
diff --git a/files/ssh/adm.pub b/files/ssh/adm.pub
new file mode 100644
index 0000000..649b51a
--- /dev/null
+++ b/files/ssh/adm.pub
@@ -0,0 +1 @@
+ssh-rsa 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 root@vm011.home.foo.sh
diff --git a/files/ssh/backup.pub b/files/ssh/backup.pub
new file mode 100644
index 0000000..336fbc7
--- /dev/null
+++ b/files/ssh/backup.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKdaNO9dLpI8CVx1rwGsKN45Pgiz+Btrlf2Q/nXCx4Ru root@backup02.home.foo.sh
diff --git a/files/ssh/logsync.pub b/files/ssh/logsync.pub
new file mode 100644
index 0000000..e276db6
--- /dev/null
+++ b/files/ssh/logsync.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIlXfTeMQoYjYVXFH5qhp+YgIBM/1r+BwzME7aEOu2yE logsync@log01.home.foo.sh
diff --git a/group_vars/all.yml b/group_vars/all.yml
index 3b85e06..3083422 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -33,12 +33,10 @@ tls_bundle: /etc/pki/tls/cert.pem boot_url: https://boot.foo.sh # ssh public keys for logsync user -logsync_publickeys: - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIlXfTeMQoYjYVXFH5qhp+YgIBM/1r+BwzME7aEOu2yE logsync@log01.home.foo.sh +logsync_publickeys: "{{ lookup('file', '../files/ssh/logsync.pub') }}" # ssh public keys for backup user -backup_publickeys: - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKdaNO9dLpI8CVx1rwGsKN45Pgiz+Btrlf2Q/nXCx4Ru root@backup02.home.foo.sh +backup_publickeys: "{{ lookup('file', '../files/ssh/backup.pub') }}" # hardcode this for now ansible_datacenter: home diff --git a/playbooks/include/deploy-kvm-guest.yml b/playbooks/include/deploy-kvm-guest.yml index 055128d..dc77be5 100644 --- a/playbooks/include/deploy-kvm-guest.yml +++ b/playbooks/include/deploy-kvm-guest.yml @@ -5,7 +5,7 @@ vars: vmhost_uri: "qemu+ssh://root@{{ vmhost }}/system" - root_pubkey: "{{ lookup('file', ansible_private + '/ssh/id_rsa.pub') }}" + root_pubkey: "{{ lookup('file', '../../files/ssh/adm.pub') }}" char: "{{ 'bcdefghijklmnopqrstuvwxyz'|list }}" console_log: "/var/log/libvirt/qemu/{{ inventory_hostname }}.console.log"
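Review bot: `logsync_publickeys` and `backup_publickeys` change type in this hunk, from a one-item list to a plain string, because `lookup('file', ...)` returns the file contents as a single string. The consumers are not visible in this patch; a task or template that loops over these variables would now either fail or iterate character by character, which would leave the logsync and backup accounts with an unusable authorized_keys file. Keeping the list shape avoids that and still lets a key file hold more than one key, e.g. `logsync_publickeys: "{{ lookup('file', '../files/ssh/logsync.pub').splitlines() }}"`, and likewise for `backup_publickeys`.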
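Review bot: The lookup path `'../../files/ssh/adm.pub'` is relative, as are the `'../files/ssh/...'` paths in the group_vars/all.yml hunk, so which file is read depends on the directory of the play that evaluates the variable rather than on the repository root. `root_pubkey` appears to be the key authorised for root on newly deployed guests, so a path that resolves differently when this file is included from another location either fails the run or reads an unintended key. Anchoring on a fixed base is sturdier, e.g. `root_pubkey: "{{ lookup('file', inventory_dir + '/files/ssh/adm.pub') }}"`, assuming the inventory sits at the repository root (to be confirmed). It is also worth confirming that adm.pub is the same key as the `ansible_private + '/ssh/id_rsa.pub'` it replaces, since the patch does not show that file. The vars block continues outside the hunk.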