Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

basessh: try and check path in renew path too

Browse source 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2022-11-19 09:50:46 -08:00
parent 6959217b11
commit 4cdee4e355
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
roles/basessh/tasks/main.yml
View file

@ -136,7 +136,7 @@
set_fact:
certs_to_sign: "{{certs_to_sign}} + [ '{{item.item.path}}' ]"
with_items: "{{ssh_cert_files.results}}"
when: "item.stat.exists and item.stat.mtime|int < (lookup('pipe', 'date +%s')|int - 25920000)"
when: "item.stat.exists and item.item.path.startswith('/etc/ssh') and item.stat.mtime|int < (lookup('pipe', 'date +%s')|int - 25920000)"
tags:
- basessh
- sshd_cert