42 lines
1.2 KiB
YAML
42 lines
1.2 KiB
YAML
---
|
|
- name: distribute authorized_keys on openwrt with python
|
|
hosts:
|
|
- gateways
|
|
- accesspoints
|
|
gather_facts: no
|
|
tasks:
|
|
- name: set root password
|
|
user:
|
|
name: root
|
|
# https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#hash-filters
|
|
# using md5 because that is the only? supported hash type for busybox on openwrt 21.03
|
|
password: "{{ lookup('passwordstore', '{{ group_names | first }}/{{ inventory_hostname }}') | password_hash('md5', 65534 | random(seed=inventory_hostname) | string) }}"
|
|
|
|
- name: deploy authorized_keys
|
|
copy:
|
|
src: files/authorized_keys
|
|
dest: /etc/dropbear/authorized_keys
|
|
mode: 0600
|
|
|
|
- name: distribute authorized_keys on openwrt with rsync
|
|
hosts:
|
|
- switches
|
|
gather_facts: no
|
|
tasks:
|
|
- name: deploy authorized_keys
|
|
synchronize:
|
|
src: files/authorized_keys
|
|
dest: /etc/dropbear/authorized_keys
|
|
owner: no
|
|
group: no
|
|
|
|
- name: distribute authorized_keys everywhere else
|
|
hosts:
|
|
- server
|
|
- vms
|
|
tasks:
|
|
- name: deploy authorized_keys
|
|
authorized_key:
|
|
user: root
|
|
key: "{{ lookup('file', 'files/authorized_keys') }}"
|