-
Notifications
You must be signed in to change notification settings - Fork 1
/
CentOS7x_Install-SSH-Key-Set-for-root-playbook.yml
76 lines (56 loc) · 3.09 KB
/
CentOS7x_Install-SSH-Key-Set-for-root-playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
---
################################################################################
# description: Installs a public SSH key for root on CentOS7x
# usage: ansible-playbook CentOS7x_Install-SSH-Key-Set-for-root-playbook.yml --extra-vars 'SourceHost=SourceHostNameGoesHere DestinationHostOrGroup=DestinationServerOrGroupNameGoesHere'
# author: Ernest G. Wilson II <[email protected]> (https://github.com/ernestgwilsonii)
# license: MIT
################################################################################
# Ansible Playbook options
# REF: http://docs.ansible.com/ansible/playbooks.html
#####################################################
- name: Install a public SSH key for root on CentOS7x
hosts: "{{ SourceHost|default ('FATAL ERROR --> SourceHost NOT SET! You must specify either a Host or a Group name!') }}"
serial: "100%"
gather_facts: False
tasks:
# command - Executes a command on a remote node
# REF: http://docs.ansible.com/ansible/command_module.html
##########################################################
- name: Get the hostname from the remote OS and use it to determine if a matching SSH key set name exists
command: hostname
register: hostname
- debug: msg="The public SSH key file this script needs should be /root/.ssh/{{hostname.stdout}}_id_rsa.pub"
# stat - retrieve file or file system status
# REF: http://docs.ansible.com/ansible/stat_module.html
#######################################################
- name: Check if an SSH public key file exists with name /root/.ssh/{{hostname.stdout}}_id_rsa.pub
stat: path=/root/.ssh/{{hostname.stdout}}_id_rsa.pub
register: sshpublickey
- debug: msg="Existing status for SSH public key file /root/.ssh/{{hostname.stdout}}_id_rsa.pub is {{sshpublickey.stat.exists}}"
# fetch - Fetches a file from remote nodes
# REF: http://docs.ansible.com/ansible/fetch_module.html
########################################################
- name: Copy the remote SSH public key file /root/.ssh/{{hostname.stdout}}_id_rsa.pub to the Ansible host as /tmp/{{hostname.stdout}}_id_rsa.pub
fetch:
src: /root/.ssh/{{hostname.stdout}}_id_rsa.pub
dest: /tmp
fail_on_missing: yes
validate_checksum: yes
# Ansible Playbook options
# REF: http://docs.ansible.com/ansible/playbooks.html
#####################################################
- name: Deploy the SSH public key for root on CentOS7x
hosts: "{{ DestinationHostOrGroup|default ('FATAL ERROR --> HostOrGroup NOT SET! You must specify either a Host or a Group name!') }}"
serial: "100%"
gather_facts: True
tasks:
# authorized_key - Adds or removes an SSH authorized key
# REF: http://docs.ansible.com/ansible/authorized_key_module.html
#################################################################
- name: Add the authorized public key /tmp/{{SourceHost}}_id_rsa.pub to the remote host in /root/.ssh/authorized_keys
authorized_key:
state: present
user: root
key: "{{ item }}"
with_file:
- /tmp/{{SourceHost}}/root/.ssh/{{SourceHost}}_id_rsa.pub