add rotate ssh module to matrix-awx

Michael Collins 2021-09-19 17:12:12 +08:00
parent 8339103594
commit 6902ee5aa7
3 changed files with 33 additions and 1 deletions


@ -26,7 +26,7 @@ The following repositories allow you to copy and use this setup:
Updates to this section are trailed here:
[GoMatrixHosting Matrix Docker Ansible Deploy](https://gitlab.com/GoMatrixHosting/gomatrixhosting-matrix-docker-ansible-deploy)
[GoMatrixHosting Matrix Docker Ansible Deploy](https://gitlab.com/GoMatrixHosting/matrix-docker-ansible-deploy)
## Does I need an AWX setup to use this? How do I configure it?


@ -62,6 +62,15 @@
tags:
- purge-database
# Rotate SSH key if called
- include_tasks:
file: "rotate_ssh.yml"
apply:
tags: rotate-ssh
when: run_setup|bool and matrix_awx_enabled|bool
tags:
- rotate-ssh
# Import configs, media repo from /chroot/backup import
- include_tasks:
file: "import_awx.yml"
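Review bot: Nothing but the `rotate-ssh` tag gates this include, so a run with no tag filter, with `run_setup` and `matrix_awx_enabled` both true, would execute rotate_ssh.yml. That file, added in this commit, rewrites root's authorized_keys and then calls `meta: end_play`, so the import_awx.yml include below would never be reached. If every job template passes explicit tags this cannot happen, but that is not visible from here. Adding the special `never` tag makes the opt-in explicit: `tags: [never, rotate-ssh]` on the include itself. The task list continues outside the hunk.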


@ -0,0 +1,23 @@
#- name: Update authorized_keys with new client public key
# #delegate_to: "matrix.{{ id_array.0 }}"
# delegate_to: "{{ id_array.0 }}"
# shell: |
# cp /root/.ssh/authorized_keys /root/.ssh/authorized_keys.backup \
# && truncate -s 0 /root/.ssh/authorized_keys \
# && echo "{{ new_ssh_public_key }}" >> /root/.ssh/authorized_keys
- name: Set the new authorized key taken from file
authorized_key:
user: root
state: present
exclusive: yes
key: "{{ lookup('file', '/var/lib/awx/projects/hosting/client_public.key') }}"
- name: Set boolean value to exit playbook
set_fact:
end_playbook: true
- name: End playbook if this task list is called.
meta: end_play
when: end_playbook is defined and end_playbook|bool
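Review bot: `exclusive: yes` on the authorized_key task removes every other entry from root's authorized_keys, including any operator or break-glass key, and nothing confirms that the new key works before the old ones are gone. The commented-out shell variant at least kept `authorized_keys.backup`; the module version keeps no copy. I would rotate in two steps: add the key with `exclusive: false`, verify a connection with it, and only then run the exclusive task. A preceding `assert` that the looked-up content is a single line starting with an expected key type would catch a wrong file early. The lookup also reads one fixed controller path for every host, so presumably all managed servers receive the same key, which is worth confirming as intended.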