From 7e6e99ae330bd2705910e3b5829a3c6d3c41875b Mon Sep 17 00:00:00 2001
From: yohan <783b8c87@scimetis.net>
Date: Sun, 22 Oct 2023 16:56:37 +0200
Subject: [PATCH] Revert "Remove redundant SSH client configuration."

This reverts commit 816846c761d1a33ecc818d6e1f029da6d15bca76.
---
 tasks/bootstrap.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/tasks/bootstrap.yml b/tasks/bootstrap.yml
index 278f93a..1a5398f 100755
--- a/tasks/bootstrap.yml
+++ b/tasks/bootstrap.yml
@@ -12,9 +12,20 @@
 url: "https://{{ CLOUD_SERVER }}/s/{{ lookup('env','KEY') }}/download?path=%2F&files=secrets.tar.gz.enc"
 dest: "{{ WORKDIR }}/secrets.tar.gz.enc"
 
+- name: Create /root/.ssh directory
+ ansible.builtin.file:
+ path: /root/.ssh
+ state: directory
+ mode: '0700'
+
 - name: Extract from secrets.tar.gz.enc
 shell: "openssl enc -aes-256-cbc -md md5 -pass env:SECRETS_ARCHIVE_PASSPHRASE -d -in {{ WORKDIR }}/secrets.tar.gz.enc | tar -zxv -C {{ WORKDIR }}"
 
+- name: Change SSH private key permissions
+ ansible.builtin.file:
+ path: /root/.ssh/id_rsa
+ mode: '0400'
+
 - name: Retrieve documentation
 ansible.builtin.get_url:
 url: "https://{{ CLOUD_SERVER }}/s/{{ lookup('env','DOC_KEY') }}/download"
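Review bot: The `Change SSH private key permissions` task pins only the mode of `/root/.ssh/id_rsa`, and the `Create /root/.ssh directory` task does the same for the directory; neither sets ownership. The key is presumably written by the `tar -zxv` step between them (which would mean `WORKDIR` is `/root`; the variable is defined outside this hunk), and tar run as root restores the owner and mode recorded in the archive, so a key owned by a non-root uid would stay readable by that uid even at `0400`. I would add `owner: root` and `group: root` to both `ansible.builtin.file` tasks. Separately, the unchanged extract line derives the AES key with `-md md5` and no `-pbkdf2`, and CBC carries no integrity check, so the archive that delivers this private key is weakly protected and unauthenticated; moving to `-pbkdf2` (which requires re-encrypting the archive) and verifying a digest or signature before extraction is worth a follow-up.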