# Inspired by persistent_cloud.yml, but the VM is not started automatically.
# This only works with modern Fedora for now, not with RHEL/CentOS.
---
# Load the variable files found under the shared infra vars directory,
# skipping the README that lives next to them.
- include_vars:
    dir: /srv/web/infra/ansible/vars/all/
    ignore_files: README
# Gate for everything below: this file does not start the VM itself, so the
# run stops here unless something already answers on the instance's SSH port.
# The probe runs on the control host and never reports a change.
- name: check if the server is up, needs to be pre-started
  # shell (not command) is needed for the stdin redirect; inventory_hostname
  # is expanded into the shell line unquoted, so it must come from a trusted
  # inventory.
  local_action: shell nc -w 5 {{ inventory_hostname }} 22 < /dev/null
  check_mode: false
  changed_when: false
  register: host_is_up
# Only when the caller defines `birthday` (presumably the first provisioning
# run of a fresh instance): remove any host key that the control host's root
# account has pinned for this hostname, so a stale entry cannot linger.
- name: birthday=on - drop the old known host entries
  local_action:
    module: known_hosts
    path: "{{ item }}"
    host: "{{ inventory_hostname }}"
    state: absent
  with_items:
    - /root/.ssh/known_hosts
  when: birthday is defined
# Scan the instance from the control host once per key type and keep the
# results in `hostkey` for the task that writes known_hosts.
# NOTE(review): ssh-keyscan does not authenticate the peer, so whatever key is
# returned here is accepted on first use. Anyone able to answer for this
# hostname during the scan would end up pinned; where that matters, compare
# the fingerprint with one obtained out of band before trusting the entry.
- name: gather the temporary ssh host key from the new instance
  local_action: command ssh-keyscan -t {{ item }} {{ inventory_hostname }}
  loop: [rsa, ed25519]
  register: hostkey
  when: birthday is defined
# Pin the scanned keys in the control host's root known_hosts: one entry per
# result registered in `hostkey` (item.1), written to the single file listed
# first (item.0).
# NOTE(review): the key text is the unverified ssh-keyscan output, so this is
# trust-on-first-use; the task name already marks it as a stop-gap until host
# keys can be signed.
- name: add new ssh host key (until we can sign it)
  local_action:
    module: known_hosts
    path: "{{ item.0 }}"
    key: "{{ item.1.stdout }}"
    host: "{{ inventory_hostname }}"
    state: present
  with_nested:
    - [/root/.ssh/known_hosts]
    - "{{ hostkey.results }}"
  when: birthday is defined
# from https://github.com/praiskup/ansible-role-fix-root-ssh
# Connects as the image's `fedora` user, escalates to root, and forces the
# disable_root line in cloud-init's configuration to 0.
# NOTE(review): this is a deliberate weakening of the image default: root may
# then log in over SSH directly, and access rests on the keys present in
# /root/.ssh/authorized_keys (edited by the following task). Keep that key
# set as small as the deployment allows.
- name: allow root ssh connections
  remote_user: fedora
  become: true
  become_user: root
  lineinfile:
    path: /etc/cloud/cloud.cfg
    regexp: '^disable_root:'
    line: 'disable_root: 0'
  when: birthday is defined
# On each line of root's authorized_keys that carries the "Please login as
# the user" text, drop everything in front of the key type so the key works
# for root directly (presumably this removes the restriction prefix cloud-init
# writes - confirm against the image).
# NOTE(review): only entries whose key type is ssh-rsa match this pattern;
# lines with other key types are left untouched. Every key rewritten here
# gains unrestricted root login, and `backup` keeps a copy of the pre-edit
# file next to the original.
- name: use the same authorized_keys
  remote_user: fedora
  become: true
  become_user: root
  replace:
    path: /root/.ssh/authorized_keys
    regexp: '.*Please login as the user.* ssh-rsa '
    replace: 'ssh-rsa '
    backup: true
  when: birthday is defined
#
# Next we try and gather facts. If the host doesn't have python2 this will fail.
#
# Fact gathering is attempted even in check mode, and a failure does not stop
# the play: the outcome is kept in `facts`. The only reference to it visible
# in this file is the commented-out `facts is failed` condition further down.
- name: gather facts
  setup:
  register: facts
  ignore_errors: true
  check_mode: false
#
# If that failed, then we use the raw module to install things
#
# Bootstrap step: `raw` sends the command over SSH as-is, so it works before
# any Python is available on the target. With the `facts is failed` condition
# disabled below, it runs on every birthday run, not only after a failed
# fact-gathering attempt.
- name: install python3 and dnf stuff
  when:
    - birthday is defined
    # For copr-pulp-instance it doesn't fail even though python3 package
    # is not installed
    # - facts is failed
  raw: sudo dnf -y install python3-dnf python3-libselinux python3
# - name: Include SSH config
# import_role: name=basessh