	add rotate ssh module to matrix-awx
		| @@ -26,7 +26,7 @@ The following repositories allow you to copy and use this setup: | |||||||
|  |  | ||||||
| Updates to this section are trailed here: | Updates to this section are trailed here: | ||||||
|  |  | ||||||
| [GoMatrixHosting Matrix Docker Ansible Deploy](https://gitlab.com/GoMatrixHosting/gomatrixhosting-matrix-docker-ansible-deploy) | [GoMatrixHosting Matrix Docker Ansible Deploy](https://gitlab.com/GoMatrixHosting/matrix-docker-ansible-deploy) | ||||||
|  |  | ||||||
|  |  | ||||||
| ## Does I need an AWX setup to use this? How do I configure it?  | ## Does I need an AWX setup to use this? How do I configure it?  | ||||||
|   | |||||||
| @@ -62,6 +62,15 @@ | |||||||
|   tags: |   tags: | ||||||
|     - purge-database |     - purge-database | ||||||
|  |  | ||||||
|  | # Rotate SSH key if called | ||||||
|  | - include_tasks:  | ||||||
|  |     file: "rotate_ssh.yml" | ||||||
|  |     apply: | ||||||
|  |       tags: rotate-ssh | ||||||
|  |   when: run_setup|bool and matrix_awx_enabled|bool | ||||||
|  |   tags: | ||||||
|  |     - rotate-ssh | ||||||
|  |  | ||||||
| # Import configs, media repo from /chroot/backup import | # Import configs, media repo from /chroot/backup import | ||||||
| - include_tasks:  | - include_tasks:  | ||||||
|     file: "import_awx.yml" |     file: "import_awx.yml" | ||||||
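Review bot: The new `rotate_ssh.yml` include is guarded only by the `rotate-ssh` tag, and Ansible runs tagged tasks whenever a play is started without a `--tags` filter. If this role is ever run that way (not visible from this hunk; the AWX templates may always pass tags), the run would replace root's `authorized_keys` and then stop at the `meta: end_play` inside the included file, so `import_awx.yml` and everything after it would never execute. Making the rotation opt-in avoids that: `tags: [never, rotate-ssh]` on the include, keeping `apply: tags: rotate-ssh` as it is. The task list continues outside the hunk, so other includes may warrant the same treatment.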
|   | |||||||
							
								
								
									
										23
									
								
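--- a/roles/matrix-awx/tasks/rotate_ssh.yml
+++ b/roles/matrix-awx/tasks/rotate_ssh.yml
@@ -0,0 +1,23 @@
+
+#- name: Update authorized_keys with new client public key
+#  #delegate_to: "matrix.{{ id_array.0 }}"
+#  delegate_to: "{{ id_array.0 }}"
+#  shell: |
+#    cp /root/.ssh/authorized_keys /root/.ssh/authorized_keys.backup \
+#    && truncate -s 0 /root/.ssh/authorized_keys \
+#    && echo "{{ new_ssh_public_key }}" >> /root/.ssh/authorized_keys
+    
+- name: Set the new authorized key taken from file
+  authorized_key:
+    user: root
+    state: present
+    exclusive: yes
+    key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
+
+- name: Set boolean value to exit playbook
+  set_fact:
+    end_playbook: true
+
+- name: End playbook if this task list is called.
+  meta: end_play
+  when: end_playbook is defined and end_playbook|bool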
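Review bot: The `authorized_key` task uses `exclusive: yes` with whatever `/var/lib/awx/projects/hosting/client_public.key` contains on the controller, and nothing validates that content before every other root key on the host is removed. A truncated, multi-line or otherwise unexpected file either locks administrators out or grants root to keys nobody reviewed, so the key should be loaded into a fact and asserted to be a single bare OpenSSH public key first. That file effectively decides who has root on the managed hosts, so it should be writable only by the AWX service account. Separately, the commented-out `shell` block can be dropped, `exclusive: yes` is better written `exclusive: true`, and the `set_fact`/`when` pair around `meta: end_play` is redundant because the fact is always set just before it is tested. The regex below deliberately rejects `authorized_keys` option prefixes such as `command=`; relax it if those are needed.

```yaml
- name: Load the replacement public key from the AWX project directory
  set_fact:
    rotate_ssh_new_key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"

- name: Refuse to rotate unless the file holds exactly one bare public key
  assert:
    that:
      - rotate_ssh_new_key is match('^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/=]+( .*)?$')
    fail_msg: "client_public.key is not a single OpenSSH public key; authorized_keys left unchanged"

- name: Set the new authorized key taken from file
  authorized_key:
    user: root
    state: present
    exclusive: true
    key: "{{ rotate_ssh_new_key }}"

# … unchanged: end_play handling …
```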