25 lines
928 B
Django/Jinja
25 lines
928 B
Django/Jinja
#!/bin/bash
|
|
# {{ ansible_managed }}
|
|
# Installs the Anbible management public ssh key on this host.
|
|
|
|
{% set pubkey = lookup('env', 'HOME')+"/.ssh/id_ansible@"+software.environment+".pub" -%}
|
|
{% set keydata = lookup('file', pubkey) -%}
|
|
SSH_DIR="${HOME}/.ssh"
|
|
NAME="ansible@{{ software.environment }}"
|
|
AUTHORIZED_KEYS="${SSH_DIR}/authorized_keys"
|
|
NEW_AUTHORIZED_KEYS="${AUTHORIZED_KEYS}..SWAP$$"
|
|
BACKUP_AUTHORIZED_KEYS="${AUTHORIZED_KEYS}.old"
|
|
#KEY_DATA='from="{{ ip.ansible[segment.mgmt.network].address }}" {{ keydata }}'
|
|
KEY_DATA='{{ keydata }}'
|
|
|
|
mkdir -p $SSH_DIR
|
|
touch $AUTHORIZED_KEYS
|
|
echo "Remove ${NAME} from existing authorized keys"
|
|
cat $AUTHORIZED_KEYS | grep -v \ ${NAME}$ > $NEW_AUTHORIZED_KEYS
|
|
echo "Add fresh ansible public key to the authorized keys"
|
|
echo $KEY_DATA >> $NEW_AUTHORIZED_KEYS
|
|
echo "Install the new authorized keys"
|
|
mv $NEW_AUTHORIZED_KEYS $AUTHORIZED_KEYS
|
|
cp $AUTHORIZED_KEYS $BACKUP_AUTHORIZED_KEYS
|
|
|