init
This commit is contained in:
commit
29bd9b3822
3 changed files with 29 additions and 0 deletions
5
defaults/main.yml
Normal file
5
defaults/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
ssh_ca_known_hosts:
|
||||
- domain: '*.dmz'
|
||||
key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAX2IhgHNxC6JTvLu9cej+iWuG+uJFMXn4AiRro9533x Host Certficate Authority for DMZ'
|
||||
- domain: '*.hyp'
|
||||
key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFzRkH3d/KVJQouswY/DMpenWbDFVOnI3Vut0xR0e1tb Host Certficate Authority for HYP'
|
18
meta/main.yml
Normal file
18
meta/main.yml
Normal file
|
@ -0,0 +1,18 @@
|
|||
galaxy_info:
|
||||
role_name: ssh_ca_known_hosts
|
||||
author: Pim Kunis
|
||||
description: Add SSH certificate authorities to system-wide known hosts file.
|
||||
|
||||
issue_tracker_url: https://git.pim.kunis.nl/pim/ansible-role-ssh-ca-known-hosts/issues
|
||||
|
||||
license: GPLv3
|
||||
|
||||
min_ansible_version: 1.2
|
||||
|
||||
platforms:
|
||||
- name: Debian
|
||||
versions:
|
||||
- bookworm
|
||||
|
||||
galaxy_tags:
|
||||
- ssh
|
6
tasks/main.yml
Normal file
6
tasks/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
|||
- name: Add SSH CA to known hosts
|
||||
known_hosts:
|
||||
key: '@cert-authority {{ item.domain }} {{ item.key }}'
|
||||
name: '@cert-authority {{ item.domain }}'
|
||||
path: /etc/ssh/ssh_known_hosts
|
||||
loop: '{{ ssh_ca_known_hosts }}'
|
Reference in a new issue