36 lines
1.0 KiB
YAML
36 lines
1.0 KiB
YAML
|
- name: Check if node has a key
|
||
|
|
ansible.builtin.stat:
|
||
|
|
path: /root/.ssh/id_rsa.pub
|
||
|
|
register: key_check
|
||
|
|
|
||
|
|
- name: Generate an OpenSSH keypair
|
||
|
|
community.crypto.openssh_keypair:
|
||
|
|
path: /root/.ssh/id_rsa
|
||
|
|
when: not key_check.stat.exists
|
||
|
|
|
||
|
|
- name: Fetch keys to local machine
|
||
|
|
ansible.builtin.fetch:
|
||
|
|
src: /root/.ssh/id_rsa.pub
|
||
|
|
dest: /tmp/fetched_keys/
|
||
|
|
|
||
|
|
- name: Copy keys
|
||
|
|
ansible.builtin.copy:
|
||
|
|
src: /tmp/fetched_keys
|
||
|
|
dest: /tmp
|
||
|
|
mode: "0644"
|
||
|
|
|
||
|
|
- name: Add key to authorized_keys
|
||
|
|
ansible.posix.authorized_key:
|
||
|
|
user: root
|
||
|
|
state: present
|
||
|
|
key: "{{ lookup('file', '/tmp/fetched_keys/' + item + '/root/.ssh/id_rsa.pub') }}"
|
||
|
|
loop: "{{ groups['nodes'] }}"
|
||
|
|
|
||
|
|
- name: Add key to known_hosts
|
||
|
|
ansible.builtin.known_hosts:
|
||
|
|
path: /root/.ssh/known_hosts
|
||
|
|
name: "ganeti-{{ groups['nodes'].index(item) + 1 }}.ganeti"
|
||
|
|
key: "ganeti-{{ groups['nodes'].index(item) + 1 }}.ganeti {{ lookup('file', '/tmp/fetched_keys/' + item + '/root/.ssh/id_rsa.pub') }}"
|
||
|
|
state: present
|
||
|
|
loop: "{{ groups['nodes'] }}"
|