blob: 027b6071ae954f73338c485e67ea459b27ff0940 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
---
- name: create user for dyndns
user:
name: dyndns
home: /var/lib/dyndns
system: yes
shell: /bin/false
generate_ssh_key: yes
ssh_key_type: ed25519
ssh_key_comment: "dyndns@{{ host_name }}.{{ host_domain }}"
register: dyndns_user
- name: install ssh key on server
delegate_to: "{{ dyndns.server }}"
lineinfile:
path: /var/lib/dyndns/.ssh/authorized_keys
mode: 0600
regexp: 'command="/usr/local/bin/dyndns.py {{ dyndns_client_id }}"'
line: 'no-agent-forwarding,no-port-forwarding,no-pty,no-X11-forwarding,no-user-rc,command="/usr/local/bin/dyndns.py {{ dyndns_client_id }}" {{ dyndns_user.ssh_public_key }}'
- name: install ssh config
template:
src: ssh_config.j2
dest: /var/lib/dyndns/.ssh/config
owner: dyndns
group: dyndns
## TODO: fix me!!!
- name: hack to make known_hosts work (1/2)
command: "ssh-keyscan -p {{ hostvars[dyndns.server].ansible_port }} {{ hostvars[dyndns.server].host_name }}.{{ hostvars[dyndns.server].host_domain }}"
args:
creates: /var/lib/dyndns/.ssh/known_hosts
changed_when: False
check_mode: False
register: dyndns_ssh_keyscan
- name: hack to make known_hosts work (1/2)
when: dyndns_ssh_keyscan is changed
copy:
content: "{{ dyndns_ssh_keyscan.stdout }}"
dest: /var/lib/dyndns/.ssh/known_hosts
owner: dyndns
group: dyndns
# fix me
- name: install systemd units
template:
src: "dyndns.{{ item }}.j2"
dest: "/etc/systemd/system/dyndns.{{ item }}"
with_items:
- service
- timer
- name: make sure the systemd timer is enabled and running
systemd:
daemon_reload: yes
name: dyndns.timer
enabled: yes
state: started
|
