aws_copr: copr-be fix for #11006
We run the playbook first against the `copr-be-temp.aws..` inventory_hostname, and then once more against `copr-be.aws..`. We need to re-sign the pub keys for the later run. https://pagure.io/fedora-infrastructure/issue/11006
This commit is contained in:
Pavel Raiskup
parent
262b1e88e8
commit
eccbf58b3f
1 changed files with 19 additions and 0 deletions
|
|
@ -46,6 +46,25 @@
|
|||
- "{{ hostkey.results }}"
|
||||
when: birthday is defined
|
||||
|
||||
- name: find old signatures done against the other hostname
|
||||
find:
|
||||
paths: /etc/ssh
|
||||
file_type: file
|
||||
patterns: "ssh_host_*_key-cert.pub"
|
||||
register: found_ssh_certs
|
||||
when:
|
||||
- birthday is defined
|
||||
- additional_known_hosts_cleanup is defined
|
||||
- additional_known_hosts_cleanup[inventory_hostname] is defined
|
||||
|
||||
- name: remove old signed certificates
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: absent
|
||||
loop: "{{ found_ssh_certs.files }}"
|
||||
when:
|
||||
- found_ssh_certs is success
|
||||
|
||||
# from https://github.com/praiskup/ansible-role-fix-root-ssh
|
||||
- name: allow root ssh connections
|
||||
lineinfile:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue