Add conditionals for cloud_provider in SSH configs (#1008)

Nate Stephany

2020-01-17 ef0a964544a6570b88c5af63d49ec25e19bc1f75

Add conditionals for cloud_provider in SSH configs (#1008)

* Add conditionals for cloud_provider

* Move j2 to templates, clean up conditional logic

 ansible/roles/bastion-lite/tasks/main.yml

@@ -16,7 +16,7 @@

- name: Generate host .ssh/config Template
  become: no
  local_action: template src={{ role_path }}/files/bastion_ssh_config.j2 dest={{output_dir}}/ssh-config-{{ env_type }}-{{ guid }}
  local_action: template src={{ role_path }}/templates/bastion_ssh_config.j2 dest={{output_dir}}/ssh-config-{{ env_type }}-{{ guid }}
  tags:
    - gen_sshconfig_file


 ansible/roles/bastion-lite/templates/bastion_ssh_config.j2

File was renamed from ansible/roles/bastion-lite/files/bastion_ssh_config.j2
@@ -1,4 +1,8 @@
Host ec2* *.internal *.example.com
{% if cloud_provider == 'ec2' %}
Host ec2* *.internal
{% elif cloud_provider == 'osp' %}
Host *.example.com
{% endif %}	
  User {{remote_user}}
{% if use_own_key|bool %}
  IdentityFile ~/.ssh/{{env_authorized_key}}.pem
@@ -9,3 +13,4 @@
  StrictHostKeyChecking no
  ConnectTimeout 60
  ConnectionAttempts 10
{% endif %}	

 ansible/roles/bastion/files/bastion_ssh_config.j2

File was deleted

 ansible/roles/bastion/tasks/main.yml

@@ -35,7 +35,7 @@

- name: Generate host .ssh/config Template
  become: no
  local_action: template src={{ role_path }}/files/bastion_ssh_config.j2 dest={{output_dir}}/ssh-config-{{ env_type }}-{{ guid }}
  local_action: template src={{ role_path }}/templates/bastion_ssh_config.j2 dest={{output_dir}}/ssh-config-{{ env_type }}-{{ guid }}
  tags:
    - gen_sshconfig_file


 ansible/roles/bastion/templates/bastion_ssh_config.j2

copy from ansible/roles/bastion-lite/files/bastion_ssh_config.j2
copy to ansible/roles/bastion/templates/bastion_ssh_config.j2
File was copied from ansible/roles/bastion-lite/files/bastion_ssh_config.j2
@@ -1,4 +1,8 @@
Host ec2* *.internal *.example.com
{% if cloud_provider == 'ec2' %}
Host ec2* *.internal
{% elif cloud_provider == 'osp' %}
Host *.example.com
{% endif %}	
  User {{remote_user}}
{% if use_own_key|bool %}
  IdentityFile ~/.ssh/{{env_authorized_key}}.pem
@@ -9,3 +13,4 @@
  StrictHostKeyChecking no
  ConnectTimeout 60
  ConnectionAttempts 10
{% endif %}	

 ansible/roles/set_env_authorized_key/files/host_ssh_config.j2

File was deleted

 ansible/roles/set_env_authorized_key/tasks/main.yml

@@ -34,7 +34,7 @@

- name: Generate host .ssh/config Template
  become: no
  local_action: template src={{ role_path }}/files/host_ssh_config.j2 dest={{output_dir}}/ssh-config-{{ env_type }}-{{ guid }}
  local_action: template src={{ role_path }}/templates/host_ssh_config.j2 dest={{output_dir}}/ssh-config-{{ env_type }}-{{ guid }}

- name: copy over host .ssh/config Template
  become: true

 ansible/roles/set_env_authorized_key/templates/host_ssh_config.j2

New file
@@ -0,0 +1,11 @@
{% if cloud_provider == 'ec2' %}
Host ec2* *.internal
{% elif cloud_provider == 'osp' %}
Host *.example.com
{% endif %}	
   User {{remote_user}}
   IdentityFile ~/.ssh/{{env_authorized_key}}.pem
   ForwardAgent yes
   StrictHostKeyChecking no
   ConnectTimeout 60
   ConnectionAttempts 10