Update tasks

This commit is contained in:
Glenn Y. Rolland 2022-05-31 02:14:12 +02:00
parent 0ca628ee5d
commit a2d9ffab99
7 changed files with 20 additions and 5 deletions

View file

@ -0,0 +1,3 @@
---
sshwifty_hostname: "0.0.0.0"
mongo_group_id: 0

View file

@ -0,0 +1,3 @@
---
sshwifty_hostname: "0.0.0.0"
mongo_group_id: 1

View file

@ -3,8 +3,8 @@
- name: "Sync time - first try (needed by apt)"
ansible.builtin.shell:
cmd: hash ntpdate 2>/dev/null && ntpdate 0.debian.pool.ntp.org
changed_when: 'False'
ignore_errors: 'yes'
no_log: 'yes'
- name: Install required system packages
ansible.builtin.apt:

View file

@ -34,6 +34,7 @@
- name: Get DEB architecture
shell: dpkg --print-architecture
register: deb_architecture
changed_when: 'False'
- name: Add repository into sources list
ansible.builtin.apt_repository:

View file

@ -1,7 +1,7 @@
---
# Password needs to be encrypted. Use the following command to change password
# python3 -c 'import crypt,getpass;pw=getpass.getpass();print(crypt.crypt(pw) if (pw==getpass.getpass("Confirm: ")) else exit())'
- name: Add the user 'debian'
- name: "Add the user '{{ sshwifty_ssh_user }}'"
ansible.builtin.user:
name: "{{ sshwifty_ssh_user }}"
password: "{{ sshwifty_ssh_password | password_hash('sha512') }}"

View file

@ -12,16 +12,24 @@
state: directory
- name: Scan SSH keys
command: "ssh-keyscan {{item}}"
shell: "ssh-keyscan -t ed25519 {{ hostvars[item]['ansible_facts']['default_ipv4']['address'] }} 2>/dev/null | ssh-keygen -lf - |cut -f2 -d' '"
register: "host_keys"
changed_when: false
with_items: groups["role_mongos"]
with_items: "{{ groups['role_mongo'] }}"
- debug:
msg: "item.item={{ item.item }}, item.stdout={{ item.stdout }}"
with_items: "{{ host_keys.results }}"
- name: Deploy SSHwifty configuration
template:
src: templates/sshwifty.conf.j2
dest: "{{ sshwifty_configuration_directory }}/sshwifty.conf"
# - name: Debug
# fail: "msg=STOP"
# when: "True"
- name: Create SSHwifty directory
file:
path: "{{ sshwifty_work_directory }}"

View file

@ -1,4 +1,4 @@
{{ sshwifty_hostname }}:{{ sshwifty_public_port }} {
{% if sshwifty_hostname != "0.0.0.0" %}{{ sshwifty_hostname }}{% endif %}:{{ sshwifty_public_port }} {
log
reverse_proxy localhost:{{ sshwifty_internal_port }} {