-
Notifications
You must be signed in to change notification settings - Fork 1
/
CentOS7x_Create-SSH-Key-Set-for-root-playbook.yml
69 lines (52 loc) · 3.01 KB
/
CentOS7x_Create-SSH-Key-Set-for-root-playbook.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
---
################################################################################
# description: Creates a standard SSH key set for root on CentOS7x
# usage: ansible-playbook CentOS7x_Create-SSH-Key-Set-for-root-playbook.yml --extra-vars 'HostOrGroup=YourServerOrGroupNameGoesHere'
# author: Ernest G. Wilson II <ErnestGWilsonII@gmail.com> (https://github.com/ernestgwilsonii)
# license: MIT
################################################################################
# Ansible Playbook options
# REF: http://docs.ansible.com/ansible/playbooks.html
#####################################################
- name: Create a standard SSH key set for root on CentOS7x
hosts: "{{ HostOrGroup|default ('FATAL ERROR --> HostOrGroup NOT SET! You must specify either a Host or a Group name!') }}"
serial: "100%"
gather_facts: False
tasks:
# command - Executes a command on a remote node
# REF: http://docs.ansible.com/ansible/command_module.html
##########################################################
- name: Get the hostname from the remote OS and use it to generate a meaningful key set name
command: hostname
register: hostname
- debug: msg="Private SSH key file will be /root/.ssh/{{hostname.stdout}}_id_rsa"
- debug: msg="Public SSH key file will be /root/.ssh/{{hostname.stdout}}_id_rsa.pub"
# stat - retrieve file or file system status
# REF: http://docs.ansible.com/ansible/stat_module.html
#######################################################
- name: Check if an SSH private key file already exists with name /root/.ssh/{{hostname.stdout}}_id_rsa
stat: path=/root/.ssh/{{hostname.stdout}}_id_rsa
register: sshprivatekey
- debug: msg="Existing status for SSH private key file /root/.ssh/{{hostname.stdout}}_id_rsa is {{sshprivatekey.stat.exists}}"
- name: Check if an SSH public key file already exists with name /root/.ssh/{{hostname.stdout}}_id_rsa.pub
stat: path=/root/.ssh/{{hostname.stdout}}_id_rsa.pub
register: sshpublickey
- debug: msg="Existing status for SSH public key file /root/.ssh/{{hostname.stdout}}_id_rsa.pub is {{sshpublickey.stat.exists}}"
# shell - Execute commands in nodes
# REF: http://docs.ansible.com/ansible/shell_module.html
########################################################
- name: Generate SSH key set for {{hostname.stdout}} if it does not exist
shell: ssh-keygen -b 2048 -t rsa -f /root/.ssh/{{hostname.stdout}}_id_rsa -q -N ""
args:
creates: /root/.ssh/{{hostname.stdout}}_id_rsa
when:
- sshprivatekey.stat.exists == False
- sshpublickey.stat.exists == False
# file - Sets attributes of files
# REF: http://docs.ansible.com/ansible/file_module.html
#######################################################
- name: Create a symbolic link on {{hostname.stdout}} from /root/.ssh/{{hostname.stdout}}_id_rsa to /root/.ssh/id_rsa if it does not exist
file:
src: /root/.ssh/{{hostname.stdout}}_id_rsa
dest: /root/.ssh/id_rsa
state: link