[ssh_known_hosts] ssh_known_hosts is a service not a role

2022-07-04 21:57:24 +02:00 · 2022-07-04 21:57:24 +02:00 · 55e1fdc184
parent 304f95c33b
commit 55e1fdc184
7 changed files with 33 additions and 15 deletions
--- a/group_vars/all/ssh_known_hosts.yml
+++ b/group_vars/all/ssh_known_hosts.yml
@ -0,0 +1,15 @@
 ---
 glob_service_ssh_known_hosts:
  name: ssh_known_hosts
  install_dir: /var/local/services/ssh_known_hosts
  dependencies:
    - python3-ldap
    - python3-jinja2
  git:
    remote: https://gitlab.adm.crans.org/nounous/ssh_known_hosts.git
    version: main
  cron:
    frequency: "*/10 * * * *"
  config:
    ldap:
      server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
--- a/group_vars/aurore/ssh_known_hosts.yml
+++ b/group_vars/aurore/ssh_known_hosts.yml
@ -0,0 +1,5 @@
 ---
 loc_service_ssh_known_hosts:
  config:
    ldap:
      server: "ldaps://{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
--- a/group_vars/viarezo/ssh_known_hosts.yml
+++ b/group_vars/viarezo/ssh_known_hosts.yml
@ -0,0 +1,5 @@
 ---
 loc_service_ssh_known_hosts:
  config:
    ldap:
      server: "ldaps://{{ query('ldap', 'ip', 'ft', 'adm') | ansible.utils.ipv4 | first }}"
--- a/host_vars/sputnik.adm.crans.org.yml
+++ b/host_vars/sputnik.adm.crans.org.yml
@ -117,3 +117,8 @@ loc_bind:
  default:
    type: slave
    primaries: "{{ query('ldap', 'ip', 'silice', 'adm') }}"
 loc_service_ssh_known_hosts:
  config:
    ldap:
      server: "ldaps://{{ query('ldap', 'ip', 'sputnik', 'adm') | ansible.utils.ipv4 | first }}"
--- a/plays/ssh_known_hosts.yml
+++ b/plays/ssh_known_hosts.yml
@ -1,5 +1,7 @@
 #!/usr/bin/env ansible-playbook
 ---
 - hosts: server
  vars:
    service: "{{ glob_service_ssh_known_hosts | default({}) | combine(loc_service_ssh_known_hosts | default({})) }}"
  roles:
-    - ssh_known_hosts
+    - service
--- a/roles/ssh_known_hosts/tasks/main.yml
+++ b/roles/ssh_known_hosts/tasks/main.yml
@ -1,5 +0,0 @@
 ---
 - name:
  template:
    src: ssh/ssh_known_hosts.j2
    dest: /etc/ssh/ssh_known_hosts
--- a/roles/ssh_known_hosts/templates/ssh/ssh_known_hosts.j2
+++ b/roles/ssh_known_hosts/templates/ssh/ssh_known_hosts.j2
@ -1,9 +0,0 @@
 {{ ansible_header | comment }}
 {% set hosts = query('ldap', 'query', 'ou=hosts,dc=crans,dc=org', 'one', 'objectClass=device') %}
 {% for host, device in hosts.items() | sort(attribute='0') %}
 {% set cns = query('ldap', 'all_cn', hosts[host].cn[0]) | sort %}
 {% set ips = query('ldap', 'all_ip', hosts[host].cn[0]) | sort %}
 {% for key in query('ldap', 'ssh_keys', hosts[host].cn[0]) | sort %}
 {{ hosts[host].cn[0] }},{{ cns | join(',') }},{{ ips | join(',') }} {{ key }} root@{{ hosts[host].cn[0] }}
 {% endfor %}
 {% endfor %}