generated from oracle-devrel/repo-template
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #26 from bgraef/main
add pwdless-ssh to ol and ingress for haproxy
- Loading branch information
Showing
4 changed files
with
68 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| --- | ||
| # Copyright (c) 2024 Oracle and/or its affiliates. | ||
| # This software is made available to you under the terms of the Universal Permissive License (UPL), Version 1.0. | ||
| # The Universal Permissive License (UPL), Version 1.0 (see COPYING or https://oss.oracle.com/licenses/upl) | ||
| # See LICENSE.TXT for details. | ||
|
|
||
| - name: Generate ssh keypair for user | ||
| community.crypto.openssh_keypair: | ||
| path: ~/.ssh/id_rsa | ||
| size: 2048 | ||
| comment: ocne ssh keypair | ||
| become: true | ||
| become_user: "{{ username }}" | ||
|
|
||
| - name: Fetch public key file from server | ||
| ansible.builtin.fetch: | ||
| src: "~/.ssh/id_rsa.pub" | ||
| dest: "buffer/{{ inventory_hostname }}-id_rsa.pub" | ||
| flat: true | ||
| become: true | ||
| become_user: "{{ username }}" | ||
|
|
||
| - name: Copy public key to each destination | ||
| ansible.posix.authorized_key: | ||
| user: "{{ username }}" | ||
| state: present | ||
| key: "{{ lookup('file', 'buffer/{{ item }}-id_rsa.pub') }}" | ||
| loop: "{{ groups['all'] | flatten(levels=1) }}" | ||
| become: true | ||
|
|
||
| - name: Print hostvars for groups | ||
| ansible.builtin.debug: | ||
| msg: "{{ hostvars[item] }}" | ||
| loop: "{{ groups['all'] | flatten(levels=1) }}" | ||
| when: debug_enabled | ||
|
|
||
| - name: Print vnc subnet_domain_name | ||
| ansible.builtin.debug: | ||
| var: my_subnet_domain_name | ||
| when: debug_enabled | ||
|
|
||
| - name: Accept new ssh fingerprints | ||
| ansible.builtin.shell: | | ||
| ssh-keyscan -t ecdsa-sha2-nistp256 \ | ||
| {{ hostvars[item].ansible_hostname }},\ | ||
| {{ hostvars[item].ansible_default_ipv4.address }},\ | ||
| {{ hostvars[item].ansible_hostname + '.' + my_subnet_domain_name }} >> ~/.ssh/known_hosts | ||
| with_items: | ||
| - "{{ groups['all'] }}" | ||
| become: true | ||
| become_user: "{{ username }}" | ||
| register: result | ||
| changed_when: result.rc == 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters