48 lines
1.5 KiB
Plaintext
48 lines
1.5 KiB
Plaintext
{% if grains['kernel'] == 'Linux' %}
|
|
{% set KEY_NAME = 'secure_ssh_tunnel' %}
|
|
{% set ANS_REMOTE_PORT = salt['pillar.get']('ANS_REMOTE_PORT') %}
|
|
{% set ANS_REMOTE_USER = salt['pillar.get']('ANS_REMOTE_USER') %}
|
|
{% set ANS_ADDR_TARGET = salt['pillar.get']('ANS_ADDR_TARGET') %}
|
|
{% set ANS_PORT_TARGET = salt['pillar.get']('ANS_PORT_TARGET') %}
|
|
{% set ANS_TARGET_USER = salt['pillar.get']('ANS_TARGET_USER') %}
|
|
|
|
'generate_ssh_key_{{ANS_REMOTE_USER}}':
|
|
cmd.run:
|
|
- name: ssh-keygen -q -N '' -f /home/{{ANS_REMOTE_USER}}/.ssh/{{KEY_NAME}}
|
|
- runas: {{ANS_REMOTE_USER}}
|
|
- unless: test -f /home/{{ANS_REMOTE_USER}}/.ssh/{{KEY_NAME}}
|
|
|
|
'lets copy bootstrap script':
|
|
file.managed:
|
|
- source: salt://Scripts/bootstrap-ansible.sh
|
|
- name: /root/bootstrap-ansible.sh
|
|
- user: root
|
|
- group: root
|
|
- mode: 750
|
|
|
|
'secure_tunnel_systemd_file':
|
|
file.managed:
|
|
- source: salt://templates/secure-tunnel.service
|
|
- name: /etc/systemd/system/secure-tunnel.service
|
|
- user: root
|
|
- group: root
|
|
- template: jinja
|
|
- defaults:
|
|
ANS_ADDR_TARGET: {{ANS_ADDR_TARGET}}
|
|
KEY_NAME: {{KEY_NAME}}
|
|
|
|
'secure_tunnel_default_file':
|
|
file.managed:
|
|
- source: salt://templates/secure-tunnel.dft
|
|
- name: /etc/default/secure-tunnel
|
|
- user: root
|
|
- group: root
|
|
- template: jinja
|
|
- defaults:
|
|
ANS_ADDR_TARGET: {{ANS_ADDR_TARGET}}
|
|
ANS_REMOTE_PORT: {{ANS_REMOTE_PORT}}
|
|
ANS_PORT_TARGET: {{ANS_PORT_TARGET}}
|
|
ANS_REMOTE_USER: {{ANS_REMOTE_USER}}
|
|
ANS_TARGET_USER: {{ANS_TARGET_USER}}
|
|
|
|
{% endif %} |