d03f4b1f22
Write out the ssh host keys from the inventory as part of the bastion host bootstrap. Change-Id: I0823c09165c445e9178c75ac5083f1988e8d3055
32 lines
953 B
YAML
32 lines
953 B
YAML
- name: Load the current inventory from bridge
|
|
slurp:
|
|
src: '/home/zuul/src/opendev.org/opendev/system-config/inventory/base/hosts.yaml'
|
|
register: _bridge_inventory_encoded
|
|
|
|
- name: Turn inventory into variable
|
|
set_fact:
|
|
_bridge_inventory: '{{ _bridge_inventory_encoded.content | b64decode | from_yaml }}'
|
|
|
|
- name: Build known_hosts list
|
|
set_fact:
|
|
bastion_known_hosts: >-
|
|
[
|
|
{%- for host, values in _bridge_inventory['all']['hosts'].items() -%}
|
|
{% for key in values['host_keys'] %}
|
|
'{{ host }},{{ values.public_v4 }}{{ "," + values.public_v6 if 'public_v6' in values}} {{ key }}',
|
|
{% endfor %}
|
|
{%- endfor -%}
|
|
]
|
|
|
|
- name: Write out values to /etc/ssh/ssh_known_hosts
|
|
blockinfile:
|
|
path: '/etc/ssh/ssh_known_hosts'
|
|
block: |
|
|
{% for entry in bastion_known_hosts %}
|
|
{{ entry }}
|
|
{% endfor %}
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
create: yes
|