mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-12-24 18:08:28 +01:00
add rotate ssh module to matrix-awx
parent
8339103594
commit
6902ee5aa7
@ -26,7 +26,7 @@ The following repositories allow you to copy and use this setup:
|
||||
|
||||
Updates to this section are trailed here:
|
||||
|
||||
[GoMatrixHosting Matrix Docker Ansible Deploy](https://gitlab.com/GoMatrixHosting/gomatrixhosting-matrix-docker-ansible-deploy)
|
||||
[GoMatrixHosting Matrix Docker Ansible Deploy](https://gitlab.com/GoMatrixHosting/matrix-docker-ansible-deploy)
|
||||
|
||||
|
||||
## Does I need an AWX setup to use this? How do I configure it?
|
||||
|
@ -62,6 +62,15 @@
|
||||
tags:
|
||||
- purge-database
|
||||
|
||||
# Rotate SSH key if called
|
||||
- include_tasks:
|
||||
file: "rotate_ssh.yml"
|
||||
apply:
|
||||
tags: rotate-ssh
|
||||
when: run_setup|bool and matrix_awx_enabled|bool
|
||||
tags:
|
||||
- rotate-ssh
|
||||
|
||||
# Import configs, media repo from /chroot/backup import
|
||||
- include_tasks:
|
||||
file: "import_awx.yml"
|
||||
|
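Review bot: The new include is guarded only by `run_setup|bool and matrix_awx_enabled|bool` plus the `rotate-ssh` tag, and a tag does not stop a task from running when the play is started without `--tags`. Because rotate_ssh.yml replaces root's authorized_keys exclusively and then ends the play, I would add `- never` to this include's `tags:` list so it runs only when `rotate-ssh` is requested explicitly. The neighbouring includes and the way AWX invokes this role are outside the hunk, so whether untagged runs can actually happen is for the author to confirm.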
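--- a/roles/matrix-awx/tasks/rotate_ssh.yml
+++ b/roles/matrix-awx/tasks/rotate_ssh.yml
@@ -0,0 +1,23 @@
+
+#- name: Update authorized_keys with new client public key
+# #delegate_to: "matrix.{{ id_array.0 }}"
+# delegate_to: "{{ id_array.0 }}"
+# shell: |
+# cp /root/.ssh/authorized_keys /root/.ssh/authorized_keys.backup \
+# && truncate -s 0 /root/.ssh/authorized_keys \
+# && echo "{{ new_ssh_public_key }}" >> /root/.ssh/authorized_keys
+
+- name: Set the new authorized key taken from file
+authorized_key:
+user: root
+state: present
+exclusive: yes
+key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
+
+- name: Set boolean value to exit playbook
+set_fact:
+end_playbook: true
+
+- name: End playbook if this task list is called.
+meta: end_play
+when: end_playbook is defined and end_playbook|bool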
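Review bot: In the "Set the new authorized key taken from file" task, `exclusive: yes` replaces every entry in root's authorized_keys with whatever the fixed controller path `/var/lib/awx/projects/hosting/client_public.key` holds at run time, with no check of that content and no copy of the previous keys. The path does not depend on the target host, so if this AWX project serves more than one client (not visible here) a stale or another client's key would be granted root, and the key AWX itself connects with is presumably dropped unless that file includes it. I would validate the looked-up key and save the current file before the exclusive write, as sketched below, and consider making the path host-specific. The commented-out block at the top interpolates `{{ new_ssh_public_key }}` into a shell command and is better deleted than committed; `exclusive: true` is the canonical boolean spelling.

```yaml
- name: Check the client public key before replacing root's keys
  assert:
    that:
      - client_public_key | length > 0
      - client_public_key is match('^(ssh-|ecdsa-|sk-)')
    fail_msg: "client_public.key is empty or does not look like an SSH public key"
  vars:
    client_public_key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"

- name: Keep a copy of the current authorized_keys
  copy:
    src: /root/.ssh/authorized_keys
    dest: /root/.ssh/authorized_keys.backup
    remote_src: true
    mode: "0600"

# … unchanged: "Set the new authorized key taken from file" task and the end_play tasks …
```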