From 67a0ed3f5a194b6426f8e5a06f754573cd68ee9d Mon Sep 17 00:00:00 2001
From: Guillaume Coré <gucore@redhat.com>
Date: Thu, 19 Apr 2018 23:57:05 +0200
Subject: [PATCH] cleanup ssh config
---
 /dev/null | 15 ---------------
 ansible/roles/bastion/tasks/main.yml | 9 ---------
 ansible/roles/bastion/files/bastion_ssh_config.j2 | 14 +++++---------
 ansible/roles/set_env_authorized_key/files/host_ssh_config.j2 | 12 ++++--------
 4 files changed, 9 insertions(+), 41 deletions(-)
diff --git a/ansible/roles/bastion/files/bastion_ssh_config.j2 b/ansible/roles/bastion/files/bastion_ssh_config.j2
index 2eb2bbf..a73b744 100644
--- a/ansible/roles/bastion/files/bastion_ssh_config.j2
+++ b/ansible/roles/bastion/files/bastion_ssh_config.j2
@@ -1,14 +1,10 @@
-Host *.internal
+Host ec2* *.internal
 User {{remote_user}}
+{% if use_own_key|bool %}
+ IdentityFile ~/.ssh/{{env_authorized_key}}.pem
+{% else %}
 IdentityFile ~/.ssh/{{key_name}}.pem
- ForwardAgent yes
- StrictHostKeyChecking no
- ConnectTimeout 60
- ConnectionAttempts 10
-
-Host ec2*
- User {{remote_user}}
- IdentityFile ~/.ssh/{{key_name}}.pem
+{% endif %}
 ForwardAgent yes
 StrictHostKeyChecking no
 ConnectTimeout 60
diff --git a/ansible/roles/bastion/files/bastion_ssh_config_ownkey.j2 b/ansible/roles/bastion/files/bastion_ssh_config_ownkey.j2
deleted file mode 100644
index 135ad76..0000000
--- a/ansible/roles/bastion/files/bastion_ssh_config_ownkey.j2
+++ /dev/null
@@ -1,15 +0,0 @@
-Host *.internal
- User {{ remote_user }}
- IdentityFile ~/.ssh/{{env_authorized_key}}.pem
- ForwardAgent yes
- StrictHostKeyChecking no
- ConnectTimeout 60
- ConnectionAttempts 10
-
-Host ec2*
- User {{ remote_user }}
- IdentityFile ~/.ssh/{{env_authorized_key}}.pem
- ForwardAgent yes
- StrictHostKeyChecking no
- ConnectTimeout 60
- ConnectionAttempts 10
diff --git a/ansible/roles/bastion/tasks/main.yml b/ansible/roles/bastion/tasks/main.yml
index 97f5fe6..bd62d76 100644
--- a/ansible/roles/bastion/tasks/main.yml
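Review bot: In bastion_ssh_config.j2 the merged `Host ec2* *.internal` block still pairs `ForwardAgent yes` with `StrictHostKeyChecking no`, so the agent is forwarded to whatever answers for a matching name without its host key ever being checked. A machine that impersonates or has taken over one of those names can use the forwarded agent for the life of the session, and `ec2*` matches any hostname that merely starts with "ec2". Since this commit is already consolidating the block, consider `StrictHostKeyChecking accept-new` (where the client's OpenSSH supports it) with a per-environment `UserKnownHostsFile`, and `ProxyJump` via the bastion in place of agent forwarding. The same two options are kept as context in the host_ssh_config.j2 hunk further down, so the point applies there as well.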
+++ b/ansible/roles/bastion/tasks/main.yml
@@ -31,18 +31,9 @@ tags: - copy_env_private_key -# TODO: Test splitting this into literal - name: Generate host .ssh/config Template become: no local_action: template src={{ role_path }}/files/bastion_ssh_config.j2 dest={{ ANSIBLE_REPO_PATH }}/workdir/ssh-config-{{ env_type }}-{{ guid }} - when: not use_own_key|bool - tags: - - gen_sshconfig_file - -- name: Generate host .ssh/config Template - become: no - local_action: template src={{ role_path }}/files/bastion_ssh_config_ownkey.j2 dest={{ ANSIBLE_REPO_PATH }}/workdir/ssh-config-{{ env_type }}-{{ guid }} - when: use_own_key|bool tags: - gen_sshconfig_file
diff --git a/ansible/roles/set_env_authorized_key/files/host_ssh_config.j2 b/ansible/roles/set_env_authorized_key/files/host_ssh_config.j2
index 3cdb8cd..e472e97 100644
--- a/ansible/roles/set_env_authorized_key/files/host_ssh_config.j2
+++ b/ansible/roles/set_env_authorized_key/files/host_ssh_config.j2
@@ -1,11 +1,7 @@
-Host *.internal
- User ec2-user
+Host ec2* *.internal
+ User {{remote_user}}
 IdentityFile ~/.ssh/{{env_authorized_key}}.pem
 ForwardAgent yes
 StrictHostKeyChecking no
-
-Host ec2*
- User ec2-user
- IdentityFile ~/.ssh/{{env_authorized_key}}.pem
- ForwardAgent yes
- StrictHostKeyChecking no
+ ConnectTimeout 60
+ ConnectionAttempts 10
-- Gitblit v1.9.3
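Review bot: In host_ssh_config.j2, `User {{remote_user}}` replaces the literal `ec2-user`, so this template now depends on `remote_user` being defined wherever the set_env_authorized_key role renders it, and nothing in this patch shows that the role sets or defaults it. If the variable is unset the render fails, and if it resolves to a different account the generated config changes the login user for every `ec2*` and `*.internal` host without any visible sign. `User {{ remote_user | default('ec2-user') }}` would keep the previous behaviour as the fallback. A short `{# ... #}` header naming the variables the template expects (`remote_user`, `env_authorized_key`) would make that dependency visible to the next editor.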