From 3ec28fa016c55a663625c9b198444af2771014d4 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Sun, 9 Apr 2017 22:50:25 +0000
Subject: [PATCH] Use a static dir

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 roles/base/tasks/sshcerts.yml | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/roles/base/tasks/sshcerts.yml b/roles/base/tasks/sshcerts.yml
index cc28c9278c..b30336f25a 100644
--- a/roles/base/tasks/sshcerts.yml
+++ b/roles/base/tasks/sshcerts.yml
@@ -44,21 +44,24 @@
 
 # TODO: Get expired certificates, and add them to certs_to_sign
 
-- name: Create directory for storing pubkeys
-  command: "mktemp -d --suffix=sshkeysign"
-  delegate_to: "batcave01.phx2.fedoraproject.org"
-  run_once: true
-  register: pubkeydirout
-  when: env == "staging" and certs_to_sign != []
+- set_fact:
+    pubkeydir: "/tmp/sshkeysign"
+  when: env == "staging"
   tags:
   - sshd_config
   - config
   - sshd
   - base
 
-- set_fact:
-    pubkeydir: "{{pubkeydirout.stdout}}"
-  when: env == "staging" and certs_to_sign != []
+- name: Create directory for storing pubkeys
+  file: path="{{pubkeydir}}"
+        owner=root
+        group=root
+        mode=0600
+        state=directory
+  delegate_to: "batcave01.phx2.fedoraproject.org"
+  run_once: true
+  when: env == "staging"
   tags:
   - sshd_config
   - config