summaryrefslogtreecommitdiff
path: root/roles/dyndns/client/tasks/main.yml
blob: 80e0e13b9eed60b83f16dd2a70de3d9720c26885 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
---
- name: create user for dyndns
  user:
    name: dyndns
    home: /var/lib/dyndns
    system: yes
    shell: /bin/false
    generate_ssh_key: yes
    ssh_key_type: ed25519
    ssh_key_comment: "dyndns@{{ host_name }}.{{ host_domain }}"
  register: dyndns_user

- name: install ssh key on server
  delegate_to: "{{ dyndns.server }}"
  lineinfile:
    path: /var/lib/dyndns/.ssh/authorized_keys
    mode: 0600
    regexp: 'command="/usr/local/bin/dyndns.py {{ dyndns_client_id }}"'
    line: 'no-agent-forwarding,no-port-forwarding,no-pty,no-X11-forwarding,no-user-rc,command="/usr/local/bin/dyndns.py {{ dyndns_client_id }}" {{ dyndns_user.ssh_public_key }}'

- name: install ssh config
  template:
    src: ssh_config.j2
    dest: /var/lib/dyndns/.ssh/config
    owner: dyndns
    group: dyndns


  ## TODO: fix me!!!
- name: hack to make known_hosts work (1/2)
  command: "ssh-keyscan -p {{ hostvars[dyndns.server].ansible_port }} {{ hostvars[dyndns.server].host_name }}.{{ hostvars[dyndns.server].host_domain }}"
  args:
    creates: /var/lib/dyndns/.ssh/known_hosts
  check_mode: False
  register: dyndns_ssh_keyscan

- name: hack to make known_hosts work (1/2)
  when: dyndns_ssh_keyscan is changed
  copy:
    content: "{{ dyndns_ssh_keyscan.stdout }}"
    dest: /var/lib/dyndns/.ssh/known_hosts
    owner: dyndns
    group: dyndns
   # fix me


- name: install systemd units
  template:
    src: "dyndns.{{ item }}.j2"
    dest: "/etc/systemd/system/dyndns.{{ item }}"
  with_items:
    - service
    - timer

- name: make sure the systemd timer is enabled and running
  systemd:
    daemon_reload: yes
    name: dyndns.timer
    enabled: yes
    state: started