ganeti-ansible/roles/node/tasks/keys.yml
2024-11-26 15:56:58 +01:00

36 lines
1.0 KiB
YAML

- name: Check if node has a key
ansible.builtin.stat:
path: /root/.ssh/id_rsa.pub
register: key_check
- name: Generate an OpenSSH keypair
community.crypto.openssh_keypair:
path: /root/.ssh/id_rsa
when: not key_check.stat.exists
- name: Fetch keys to local machine
ansible.builtin.fetch:
src: /root/.ssh/id_rsa.pub
dest: /tmp/fetched_keys/
- name: Copy keys
ansible.builtin.copy:
src: /tmp/fetched_keys
dest: /tmp
mode: "0644"
- name: Add key to authorized_keys
ansible.posix.authorized_key:
user: root
state: present
key: "{{ lookup('file', '/tmp/fetched_keys/' + item + '/root/.ssh/id_rsa.pub') }}"
loop: "{{ groups['nodes'] }}"
- name: Add key to known_hosts
ansible.builtin.known_hosts:
path: /root/.ssh/known_hosts
name: "ganeti-{{ groups['nodes'].index(item) + 1 }}.ganeti"
key: "ganeti-{{ groups['nodes'].index(item) + 1 }}.ganeti {{ lookup('file', '/tmp/fetched_keys/' + item + '/root/.ssh/id_rsa.pub') }}"
state: present
loop: "{{ groups['nodes'] }}"