Feat(Songe): mod ssh connectin policy between every body

2018-12-11 18:40:49 +01:00 · 2018-12-11 18:40:49 +01:00 · b98264ea7d
parent 0dcf383e3b
commit b98264ea7d
4 changed files with 18 additions and 17 deletions
--- a/Songe.yml
+++ b/Songe.yml
@ -14,7 +14,7 @@
    - include: tasks/ssh.yml
    - include: tasks/dotfiles.yml
    - include: tasks/NAS_mounts.yml
-    - include: tasks/borg_server.yml
+      #    - include: tasks/borg_server.yml

  handlers:
    - name: restart sshd
--- a/files/sshconfig
+++ b/files/sshconfig
@ -34,7 +34,7 @@ Host Songe
    Port 22
    ForwardAgent yes
    PubkeyAcceptedKeyTypes *
-    identityfile ~/.ssh/id_ed25519_home
+    identityfile ~/.ssh/id_rsa_songe
    IdentitiesOnly yes

 Host Choux
--- a/tasks/ssh.yml
+++ b/tasks/ssh.yml
@ -25,7 +25,7 @@
 - name: Add public key for deploy user
  authorized_key: 
    user: "{{ item.username }}" 
-    key: "{{ lookup('file', deploy_public_key) }}"
+    key: "{{ lookup('file', 'sshpubs/' + deploy_public_key) }}"
    state: present
  with_items: "{{ deploy_users }}"
  register: add_identity_key
--- a/vars/Songe.yml
+++ b/vars/Songe.yml
@ -1,6 +1,7 @@
 ---
 me: "{{ deploy_users }}"
-deploy_public_key: files/id_ed25519_home.pub
+# deploy_public_key: files/id_ed25519_home.pub
+deploy_public_key: files/id_rsa_songe.pub

 minimal: true
 server: true
@ -22,19 +23,19 @@ nfs_shares:


 ## J'en suis là!!
-borg:
-  user: backup
-  password: '$6$6lmddb2/hRK5$zpz9rr./tC1oJYyw5588AXs53U0oEUPmKNUE.a6hP9fTazWRGZihvjZ722F.dfNWh2Kw6K3BDejvG78RhPN1Q0'
-  group: backup
-  home: /media/backup/borgbackup
-  pool: /media/backup/borgbackup/repos
-  auth_users:
-    - host: Poivre
-      key: "{{ lookup('file', 'sshpubs/id_rsa_poivre_borg.pub') }}"
-      # - host: Choux
-      #   key: "{{ lookup('file', '') }}"
-      # - host: localhost
-      #   key: "{{ lookup('file', '') }}"
+# borg:
+#   user: backup
+#   password: '$6$6lmddb2/hRK5$zpz9rr./tC1oJYyw5588AXs53U0oEUPmKNUE.a6hP9fTazWRGZihvjZ722F.dfNWh2Kw6K3BDejvG78RhPN1Q0'
+#   group: backup
+#   home: /mnt/BackupWD_1T/borgbackup
+#   pool: /mnt/BackupWD_1T/borgbackup/repos
+#   auth_users:
+#     - host: Poivre
+#       key: "{{ lookup('file', 'sshpubs/id_rsa_poivre_borg.pub') }}"
+#       # - host: Choux
+#       #   key: "{{ lookup('file', '') }}"
+#       # - host: localhost
+#       #   key: "{{ lookup('file', '') }}"