commit | author | age
|
aa20d9
|
1 |
--- |
S |
2 |
- name: Step 001 Deploy Infrastructure |
15b4ac
|
3 |
hosts: |
aa20d9
|
4 |
- localhost |
S |
5 |
- "{{ ('tag_' ~ env_type ~ '_' ~ guid ~ '_bastion') | replace('-', '_') }}" |
|
6 |
connection: local |
|
7 |
gather_facts: false |
|
8 |
become: false |
|
9 |
vars_files: |
|
10 |
- "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_vars.yml" |
|
11 |
- "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_secret_vars.yml" |
|
12 |
tags: |
|
13 |
- step001 |
|
14 |
- create_ssh_config |
|
15 |
tasks: |
15b4ac
|
16 |
- name: Store bastion hostname as a fact |
GC |
17 |
set_fact: |
|
18 |
bastion_hostname: |
|
19 |
internal: "{{ ravello_groups | json_query('bastion.hosts') }}" |
|
20 |
external: "{{ ravello_groups | json_query('_meta.hostvars.\"bastion-REPL.rhpds.opentlc.com\".externalFqdn') }}" |
|
21 |
- add_host: |
|
22 |
name: '{{ bastion_hostname.external }}' |
|
23 |
groups: bastion_host |
|
24 |
- name: Create quick_ssh script |
|
25 |
copy: |
|
26 |
content: | |
|
27 |
#!/bin/bash |
|
28 |
ssh -i {{ ANSIBLE_REPO_PATH }}/workdir/{{ guid }}key cloud-user@{{ bastion_hostname.external }} |
|
29 |
dest: '{{ ANSIBLE_REPO_PATH }}/workdir/{{ guid }}-quickssh.sh' |
|
30 |
mode: 0755 |
|
31 |
# when: delete_app_post_deploy |
aa20d9
|
32 |
|
15b4ac
|
33 |
# - name: set ansible_ssh_common_args |
GC |
34 |
# set_fact: |
|
35 |
# ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q cloud-user@{{ bastion_hostname.external }}' |
|
36 |
# # ansible_ssh_common_args: '-F "{{ ANSIBLE_REPO_PATH }}/workdir/{{ env_type }}_{{ guid }}_ssh_conf" -o ControlMaster=auto -o ControlPersist=30m' |
|
37 |
- name: Create empty local ssh config as defined by deploy_local_ssh_config_location |
|
38 |
file: |
|
39 |
dest: "{{ ANSIBLE_REPO_PATH }}/workdir/{{ env_type }}_{{ guid }}_ssh_conf" |
|
40 |
state: touch |
aa20d9
|
41 |
|
15b4ac
|
42 |
- name: Add bastion proxy config to workdir ssh config file |
GC |
43 |
blockinfile: |
|
44 |
dest: "{{ ANSIBLE_REPO_PATH }}/workdir/{{ env_type }}_{{ guid }}_ssh_conf" |
|
45 |
marker: "##### {mark} ADDED BASTION PROXY HOST {{ env_type }}-{{ guid }} ######" |
|
46 |
content: | |
|
47 |
Host {{ bastion_hostname.external }} |
|
48 |
Hostname {{ bastion_hostname.external }} |
|
49 |
IdentityFile {{ ANSIBLE_REPO_PATH }}/workdir/{{ env_authorized_key }} |
|
50 |
IdentitiesOnly yes |
|
51 |
User {{ remote_user }} |
|
52 |
ControlMaster auto |
|
53 |
ControlPath /tmp/%h-%r |
|
54 |
ControlPersist 5m |
|
55 |
StrictHostKeyChecking no |
|
56 |
tags: |
|
57 |
- bastion_proxy_config_main |
aa20d9
|
58 |
|
aa469b
|
59 |
- name: Add other hosts to workdir ssh file |
DB |
60 |
include: "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/add_hosts_ssh_config.yml" |
2e9b22
|
61 |
|
DB |
62 |
#- name: copy ssh config to /root/.ssh/config |
|
63 |
# hosts: localhost |
|
64 |
# tasks: |
|
65 |
# - name: back up current ssh config file |
15b4ac
|
66 |
# copy: |
2e9b22
|
67 |
# src: /root/.ssh/config |
DB |
68 |
# dest: /root/.ssh/config.bak |
|
69 |
# owner: root |
|
70 |
# group: root |
|
71 |
# mode: 0400 |
|
72 |
# - name: copy workdir ssh file to .ssh/config |
15b4ac
|
73 |
# copy: |
2e9b22
|
74 |
# src: "{{ ANSIBLE_REPO_PATH }}/workdir/{{ env_type }}_{{ guid }}_ssh_conf" |
DB |
75 |
# dest: /root/.ssh/config |
|
76 |
# owner: root |
|
77 |
# group: root |
|
78 |
# mode: 0400 |