25294d025f
- add sample usage - add description of the role - add licence of the role
---
# tasks file for ssh-key-rotation
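# Generate the replacement key pair once, on the control node.
# - Runs only for the first host of the play and is delegated to localhost,
#   so one key pair is produced per run.
# - `creates` turns the task into a no-op when the private key file already
#   exists: an existing key at that path is never regenerated here.
# - Arguments are passed as an argv list so that a comment or passphrase
#   containing spaces or quotes reaches ssh-keygen as a single argument
#   instead of being re-split.
# - no_log keeps the passphrase out of task output and logs. The passphrase
#   is still an ssh-keygen command-line argument, so it is visible in the
#   control node's process list while the command runs.
# NOTE(review): play_hosts is a deprecated alias of ansible_play_batch.
- name: Generate New ssh Keys
  command:
    argv:
      - ssh-keygen
      - "-t"
      - rsa
      - "-b"
      - "{{ ssh_key_bits }}"
      - "-N"
      - "{{ passphrase }}"
      - "-q"
      - "-f"
      - "{{ lookup('env', 'HOME') }}/{{ ssh_key_path }}"
      - "-C"
      - "{{ ssh_key_comment }}"
    creates: "{{ lookup('env', 'HOME') }}/{{ ssh_key_path }}"
  when: inventory_hostname == play_hosts[0]
  delegate_to: localhost
  no_log: true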
# Record the full path of the private key as the host fact `key_path`, which
# the later tasks in this file read. lookup('env', 'HOME') is resolved on the
# control node, so the path refers to the controller's filesystem.
- name: Store then value of the ssh key path
  set_fact:
    key_path: "{{ lookup('env', 'HOME') }}/{{ ssh_key_path }}"
# Install the new public key for ssh_host_user on each target host, as root.
# - The key text is read from "<key_path>.pub" on the control node.
# - When is_exclusive is true, the module removes every other key from the
#   authorized keys file. Confirm the new key is usable before relying on
#   that setting, because the previous keys no longer grant access afterwards.
- name: Set Authorized key(s) to the authorized keys file
  authorized_key:
    user: "{{ ssh_host_user }}"
    key: "{{ lookup('file', key_path + '.pub') }}"
    path: "{{ authorized_keys_path }}"
    manage_dir: "{{ should_manage_dir }}"
    exclusive: "{{ is_exclusive }}"
    state: present
  become: true
  become_user: root
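# Load the contents of the new private key into the host fact
# `ansible_private_ssh_key`.
# - no_log keeps the private key material out of task output and logs.
# NOTE(review): `ansible_private_ssh_key` is not one of Ansible's connection
# variables (those are `ansible_ssh_private_key_file` /
# `ansible_private_key_file`, and they take a path, not key contents). As
# written, this task stores the key as a fact and opens no connection itself.
# Confirm what consumes the fact, and whether a connection check (for example
# a ping using the new key file) is intended here.
- name: Test if the new ssh key is allowed to make connections
  set_fact:
    ansible_private_ssh_key: "{{ lookup('file', key_path) }}"
  no_log: true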