Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

basessh: inner variable no longer needs escaped

Browse source 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2022-11-19 10:33:26 -08:00
parent 25914510c1
commit da8ef971ee
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
roles/basessh/tasks/main.yml
View file

@ -120,9 +120,9 @@
- name: Set list of certs to sign
set_fact:
certs_to_sign: "{{ certs_to_sign + ['{{item.item.path}}'] }}"
certs_to_sign: "{{ certs_to_sign + ['item.item.path'] }}"
with_items: "{{ssh_cert_files.results}}"
when: not item.stat.exists and item.item.path.startswith('/etc/ssh')
when: not item.stat.exists
tags:
- basessh
- sshd_cert
@ -134,9 +134,9 @@
# Renew if last mod was more than 10 months ago
- name: Get soon-to-expire certificates to sign
set_fact:
certs_to_sign: "{{ certs_to_sign + ['{{item.item.path}}'] }}"
certs_to_sign: "{{ certs_to_sign + ['item.item.path'] }}"
with_items: "{{ssh_cert_files.results}}"
when: "item.stat.exists and item.item.path.startswith('/etc/ssh') and item.stat.mtime|int < (lookup('pipe', 'date +%s')|int - 25920000)"
when: "item.stat.exists and item.stat.mtime|int < (lookup('pipe', 'date +%s')|int - 25920000)"
tags:
- basessh
- sshd_cert