44 lines
1.1 KiB
YAML
44 lines
1.1 KiB
YAML
---
|
|
- name: Include OS family-specific variables
|
|
include_vars: "{{ ansible_os_family }}.yml"
|
|
|
|
- name: Ensure required packages are installed
|
|
package:
|
|
name: "{{ item }}"
|
|
state: installed
|
|
become: True
|
|
with_items: "{{ bootstrap_package_dependencies }}"
|
|
|
|
- name: Check whether an SSH key exists
|
|
stat:
|
|
path: "{{ bootstrap_ssh_private_key_path }}"
|
|
get_checksum: False
|
|
get_md5: False
|
|
mime: False
|
|
register: ssh_key_stat
|
|
|
|
- name: Generate an SSH key
|
|
command: ssh-keygen -t {{ bootstrap_ssh_key_type }} -N '' -f {{ bootstrap_ssh_private_key_path }}
|
|
when: not ssh_key_stat.stat.exists
|
|
|
|
- name: Ensure SSH public key is in authorized keys
|
|
authorized_key:
|
|
user: "{{ ansible_user_id }}"
|
|
key: "{{ lookup('file', bootstrap_ssh_private_key_path ~ '.pub') }}"
|
|
|
|
- name: Scan for SSH keys
|
|
command: ssh-keyscan {{ item }}
|
|
with_items:
|
|
- localhost
|
|
- 127.0.0.1
|
|
register: keyscan_result
|
|
changed_when: False
|
|
|
|
- name: Ensure SSH keys are in known hosts
|
|
known_hosts:
|
|
host: "{{ item[0].item }}"
|
|
key: "{{ item[1] }}"
|
|
with_subelements:
|
|
- "{{ keyscan_result.results }}"
|
|
- stdout_lines
|