ssh-key-rotation-role/tasks/main.yaml

---
- name: Check if the passphrase inputs match
  assert:
    that:
      - "{{ passphrase == confirm_passphrase }}"
    fail_msg: "Passphrase inputs do not match"
  when: passphrase != confirm_passphrase

- import_tasks: generate_key.yaml
  when: generate_new_key | default(True)

- name: Ensure that ssh connection key is defined
  assert:
    that: ssh_connection_key is defined

- name: Set Authorized key(s) to the authorized keys file
  become: true
  when: ssh_connection_key is defined
  authorized_key:
    exclusive: '{{ is_exclusive }}'
    user: '{{ ssh_host_user }}'
    state: present
    path: '/home/{{ ssh_host_user }}/{{ authorized_keys_path }}'
    manage_dir: '{{ should_manage_dir }}'
    key: "{{ ssh_connection_key }}"

- name: copy
  when: generate_new_key != true
  copy:
    content: "{{ ssh_connection_key }}"
    dest: "{{ ssh_key_path }}"

- name: Add deployment key
  when: ssh_deployment_key is defined
  become: yes
  become_user: root
  authorized_key:
    user: '{{ ssh_host_user }}'
    state: present
    path: '/home/{{ ssh_host_user }}/{{ authorized_keys_path }}'
    manage_dir: '{{ should_manage_dir }}'
    key: "{{ ssh_deployment_key }}"

- name: Set ownership and permissions for SSH private key
  ansible.builtin.file:
    path: '/home/{{ ssh_host_user }}/{{ ssh_key_path }}'
    owner: 1000
    group: 1000
    mode: 0600
  delegate_to: localhost
ft(ssh-rotation): Rotate ssh keys - add task to generate new keys - add task to rotate new keys - add new key to inventory 2017-02-16 03:41:30 +08:00			`---`
Modified the role + Updated the LICENSE 2023-11-07 21:39:17 +08:00			`- name: Check if the passphrase inputs match`
			`assert:`
			`that:`
			`- "{{ passphrase == confirm_passphrase }}"`
			`fail_msg: "Passphrase inputs do not match"`
			`when: passphrase != confirm_passphrase`

Use .yaml 2023-11-13 20:39:10 +08:00			`- import_tasks: generate_key.yaml`
ft(ssh): deployment key - add capability to add seperate deployment key - add capability to not generate new key 2017-02-18 03:24:14 +08:00			`when: generate_new_key \| default(True)`
ft(ssh-rotation): Rotate ssh keys - add task to generate new keys - add task to rotate new keys - add new key to inventory 2017-02-16 03:41:30 +08:00
ft(ssh): deployment key - add capability to add seperate deployment key - add capability to not generate new key 2017-02-18 03:24:14 +08:00			`- name: Ensure that ssh connection key is defined`
			`assert:`
			`that: ssh_connection_key is defined`
ft(readme): modify readme - add sample usage - add description of the role - add licence of the role 2017-02-16 04:02:00 +08:00
ft(ssh-rotation): Rotate ssh keys - add task to generate new keys - add task to rotate new keys - add new key to inventory 2017-02-16 03:41:30 +08:00			`- name: Set Authorized key(s) to the authorized keys file`
Modified the role + Updated the LICENSE 2023-11-07 21:39:17 +08:00			`become: true`
ft(ssh): deployment key - add capability to add seperate deployment key - add capability to not generate new key 2017-02-18 03:24:14 +08:00			`when: ssh_connection_key is defined`
ft(ssh-rotation): Rotate ssh keys - add task to generate new keys - add task to rotate new keys - add new key to inventory 2017-02-16 03:41:30 +08:00			`authorized_key:`
			`exclusive: '{{ is_exclusive }}'`
ft(readme): modify readme - add sample usage - add description of the role - add licence of the role 2017-02-16 04:02:00 +08:00			`user: '{{ ssh_host_user }}'`
ft(ssh-rotation): Rotate ssh keys - add task to generate new keys - add task to rotate new keys - add new key to inventory 2017-02-16 03:41:30 +08:00			`state: present`
Modified the role + Updated the LICENSE 2023-11-07 21:39:17 +08:00			`path: '/home/{{ ssh_host_user }}/{{ authorized_keys_path }}'`
ft(ssh-rotation): Rotate ssh keys - add task to generate new keys - add task to rotate new keys - add new key to inventory 2017-02-16 03:41:30 +08:00			`manage_dir: '{{ should_manage_dir }}'`
ft(ssh): deployment key - add capability to add seperate deployment key - add capability to not generate new key 2017-02-18 03:24:14 +08:00			`key: "{{ ssh_connection_key }}"`

			`- name: copy`
			`when: generate_new_key != true`
			`copy:`
			`content: "{{ ssh_connection_key }}"`
			`dest: "{{ ssh_key_path }}"`

			`- name: Add deployment key`
			`when: ssh_deployment_key is defined`
			`become: yes`
			`become_user: root`
			`authorized_key:`
			`user: '{{ ssh_host_user }}'`
			`state: present`
Modified the role + Updated the LICENSE 2023-11-07 21:39:17 +08:00			`path: '/home/{{ ssh_host_user }}/{{ authorized_keys_path }}'`
ft(ssh): deployment key - add capability to add seperate deployment key - add capability to not generate new key 2017-02-18 03:24:14 +08:00			`manage_dir: '{{ should_manage_dir }}'`
			`key: "{{ ssh_deployment_key }}"`
ft(ssh-rotation): Rotate ssh keys - add task to generate new keys - add task to rotate new keys - add new key to inventory 2017-02-16 03:41:30 +08:00
Added task to set SSH key permission 2023-11-15 03:08:19 +08:00			`- name: Set ownership and permissions for SSH private key`
			`ansible.builtin.file:`
			`path: '/home/{{ ssh_host_user }}/{{ ssh_key_path }}'`
			`owner: 1000`
			`group: 1000`
			`mode: 0600`
			`delegate_to: localhost`