mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-18 20:46:26 +02:00
26f289b72b
ansible-lint 6.5.0 complains about:
name: All names should start with an
uppercase letter. (name[casing])
60 lines
1.6 KiB
YAML
60 lines
1.6 KiB
YAML
- name: Fetch ssh hostkeys
|
|
hosts: all
|
|
gather_facts: false
|
|
tasks:
|
|
- name: Fetch hostkey checksums
|
|
shell: |
|
|
for type in sha256 md5; do
|
|
for file in /etc/ssh/ssh_host_*.pub; do
|
|
ssh-keygen -l -f $file -E $type
|
|
done
|
|
echo
|
|
done
|
|
register: ssh_hostkeys
|
|
changed_when: ssh_hostkeys | length > 0
|
|
|
|
- name: Fetch known_hosts
|
|
shell: |
|
|
set -eo pipefail
|
|
ssh-keyscan 127.0.0.1 2>/dev/null \
|
|
| sed 's#^127.0.0.1#{{ inventory_hostname }}#' \
|
|
| sort
|
|
environment:
|
|
LC_COLLATE: C.UTF-8 # to ensure reproducible ordering
|
|
args:
|
|
executable: /bin/bash
|
|
register: known_hosts
|
|
changed_when: known_hosts | length > 0
|
|
|
|
- name: Store hostkeys
|
|
hosts: localhost
|
|
tasks:
|
|
- name: Store hostkeys
|
|
copy:
|
|
dest: "{{ playbook_dir }}/../../docs/ssh-hostkeys.txt"
|
|
content: |
|
|
{% for host in query('inventory_hostnames', 'all') | sort %}
|
|
# {{ host }}
|
|
{{ hostvars[host].ssh_hostkeys.stdout }}
|
|
|
|
{% endfor %}
|
|
mode: preserve
|
|
|
|
- name: Store known_hosts
|
|
blockinfile:
|
|
path: "{{ playbook_dir }}/../../docs/ssh-known_hosts.txt"
|
|
block: |
|
|
|
|
{% for host in query('inventory_hostnames', 'all') | sort %}
|
|
# {{ host }}
|
|
{{ hostvars[host].known_hosts.stdout }}
|
|
|
|
{% endfor %}
|
|
|
|
- name: Upload known_hosts to all nodes
|
|
hosts: all
|
|
tasks:
|
|
- name: Upload known_hosts
|
|
copy: dest=/etc/ssh/ssh_known_hosts src="{{ playbook_dir }}/../../docs/ssh-known_hosts.txt" owner=root group=root mode=0644
|
|
tags: ['upload-known-hosts']
|