yohan/duplicity_playbooks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert "Remove redundant SSH client configuration."

Browse Source 
This reverts commit 816846c761.
This commit is contained in:
yohan 2023-10-22 16:56:37 +02:00
parent 816846c761
commit 7e6e99ae33
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
tasks/bootstrap.yml
View File

@ -12,9 +12,20 @@
url: "https://{{ CLOUD_SERVER }}/s/{{ lookup('env','KEY') }}/download?path=%2F&files=secrets.tar.gz.enc" url: "https://{{ CLOUD_SERVER }}/s/{{ lookup('env','KEY') }}/download?path=%2F&files=secrets.tar.gz.enc"
dest: "{{ WORKDIR }}/secrets.tar.gz.enc" dest: "{{ WORKDIR }}/secrets.tar.gz.enc"
- name: Create /root/.ssh directory
ansible.builtin.file:
path: /root/.ssh
state: directory
mode: '0700'
- name: Extract from secrets.tar.gz.enc - name: Extract from secrets.tar.gz.enc
shell: "openssl enc -aes-256-cbc -md md5 -pass env:SECRETS_ARCHIVE_PASSPHRASE -d -in {{ WORKDIR }}/secrets.tar.gz.enc | tar -zxv -C {{ WORKDIR }}" shell: "openssl enc -aes-256-cbc -md md5 -pass env:SECRETS_ARCHIVE_PASSPHRASE -d -in {{ WORKDIR }}/secrets.tar.gz.enc | tar -zxv -C {{ WORKDIR }}"
- name: Change SSH private key permissions
ansible.builtin.file:
path: /root/.ssh/id_rsa
mode: '0400'
- name: Retrieve documentation - name: Retrieve documentation
ansible.builtin.get_url: ansible.builtin.get_url:
url: "https://{{ CLOUD_SERVER }}/s/{{ lookup('env','DOC_KEY') }}/download" url: "https://{{ CLOUD_SERVER }}/s/{{ lookup('env','DOC_KEY') }}/download"