---
# tasks file for ssh-key-rotation
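# Create the SSH key pair on the control node. The `when` guard limits the
# task to the first host of the play and `delegate_to` runs it on localhost,
# so the command executes once rather than once per managed host.
#
# NOTE(review): per ssh-keygen(1), -y reads an existing private key and prints
# its public key to stdout instead of creating a key pair, and nothing here
# registers that output. Confirm this task really produces the new private
# key and the public key file that the authorized_key task reads.
#
# The passphrase is handed to ssh-keygen as a command-line argument, so it is
# visible in the local process list while the command runs; limit who can log
# in to the control node accordingly. The RSA key size is left to the
# ssh-keygen default, which differs between OpenSSH versions; add -b if a
# minimum size is required.
- name: Generate New ssh Keys
  command:
    # argv passes each item as exactly one argument, so a passphrase or path
    # containing spaces or quote characters is not split again.
    argv:
      - ssh-keygen
      - '-t'
      - rsa
      - '-N'
      - "{{ passphrase }}"
      - '-q'
      - '-f'
      - "{{ lookup('env','HOME') + private_key_path }}"
      - '-y'
  when: inventory_hostname == play_hosts[0]
  delegate_to: localhost
  # Keep the passphrase out of task output and logs.
  no_log: true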
# Install the new public key for host_user on each managed host. The key text
# comes from the file lookup, which reads the file on the control node.
# When is_exclusive is true the module removes every other key from the
# authorized_keys file, so a wrong or unreadable public key at this step can
# remove all key-based access for that user; keep an out-of-band login path
# available until the new key has been verified.
- name: Set Authorized key(s) to the authorized keys file
  authorized_key:
    user: "{{ host_user }}"
    key: "{{ lookup('file', lookup('env','HOME') + public_key_path) }}"
    path: "{{ authorized_keys_path }}"
    state: present
    exclusive: "{{ is_exclusive }}"
    manage_dir: "{{ should_manage_dir }}"
  # Writing another user's authorized_keys file needs root on the target.
  become: true
  become_user: root
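# Diagnostic only: print the list of hosts in the current play. The task is
# given a name so it can be identified in play output and selected with
# --start-at-task.
- name: Show the hosts in the current play
  debug:
    msg: "{{ play_hosts }}"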
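# Read the private key file on the control node and store its contents in a
# host fact.
#
# NOTE(review): ansible_private_ssh_key does not appear to be one of Ansible's
# connection variables; the key-file setting is ansible_ssh_private_key_file
# and it takes a path, not key contents. As written this task stores the key
# text but does not by itself open a connection with the new key. Confirm how
# the rotation is meant to be verified before old keys are removed.
- name: Test if the new ssh key is allowed to make connections
  set_fact:
    ansible_private_ssh_key: "{{ lookup('file', lookup('env','HOME') + private_key_path) }}"
  # The fact holds private key material; keep it out of task output and logs.
  no_log: true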