From 9c802f9919762d6c579ba1ca7ff90bd810ab4269 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Wed, 18 Jun 2025 17:45:23 +0000
Subject: [PATCH] Configure jumphosts for adm hosts

---
 playbooks/adm.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/playbooks/adm.yml b/playbooks/adm.yml
index 3c2bd6c..8028d9d 100644
--- a/playbooks/adm.yml
+++ b/playbooks/adm.yml
@@ -78,6 +78,18 @@
         owner: root
         group: "{{ ansible_wheel }}"
 
+    - name: Configure jumphosts
+      ansible.builtin.copy:
+        dest: /etc/ssh/ssh_config.d/jumphost.conf
+        content: |
+          Host *.iot.foo.sh !gw.iot.foo.sh
+            ProxyJump gw.iot.foo.sh
+          Host *.lan.foo.sh !gw.lan.foo.sh
+            ProxyJump gw.lan.foo.sh
+        mode: "0644"
+        owner: root
+        group: "{{ ansible_wheel }}"
+
     - name: Clone dns repo
       ansible.builtin.git:
         dest: /export/dns