backup: minor fixes

The ssh config file is /.ssh/config (not ssh_config)

We are accepting the ed25519 key, not the ecdsa key, so fix that in
the known_hosts stanza.

Change-Id: If3a42a7872f5d5e7a2bf9c3b5184fb14d43e6a1a
This commit is contained in:
Ian Wienand 2019-08-09 14:07:10 +10:00
parent 78dc3e6ffd
commit 445eb7a7b2
2 changed files with 3 additions and 3 deletions

View File

@ -24,7 +24,7 @@
- name: Configure ssh for backup server - name: Configure ssh for backup server
blockinfile: blockinfile:
path: /root/.ssh/ssh_config path: /root/.ssh/config
create: true create: true
block: | block: |
Host {{ item }} Host {{ item }}
@ -41,7 +41,7 @@
- name: Accept hostkey of backup server - name: Accept hostkey of backup server
known_hosts: known_hosts:
state: present state: present
key: '{{ item }} ecdsa-sha2-nistp256 {{ hostvars[item]["ansible_ssh_host_key_ed25519_public"] }}' key: '{{ item }} ssh-ed25519 {{ hostvars[item]["ansible_ssh_host_key_ed25519_public"] }}'
name: '{{ item }}' name: '{{ item }}'
with_inventory_hostnames: backup-server with_inventory_hostnames: backup-server

View File

@ -53,7 +53,7 @@ def test_backup_host_config(host):
f = host.file('/root/.ssh/id_backup_ed25519') f = host.file('/root/.ssh/id_backup_ed25519')
assert f.exists assert f.exists
f = host.file('/root/.ssh/ssh_config') f = host.file('/root/.ssh/config')
assert f.exists assert f.exists
assert f.contains('Host backup01.region.provider.opendev.org') assert f.contains('Host backup01.region.provider.opendev.org')