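# Play 1: make sure every host in "servers" has a root key pair, then
# copy each public key back to the control machine.
- hosts: servers
  remote_user: ubuntu
  become: yes
  gather_facts: no
  tasks:
    - name: create temp dir
      file: path=/tmp/special state=directory mode=0755
    - name: check private key
      stat: path=~/.ssh/id_rsa
      register: st
    # Skipped when a private key already exists, so keys are never overwritten.
    - name: create key pairs
      shell: ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa -q -b 2048 -C "com"
      when: not st.stat.exists
    # fetch stores each file as /tmp/special/<hostname>/root/.ssh/id_rsa.pub
    - name: get the public key
      fetch:
        src: ~/.ssh/id_rsa.pub
        dest: /tmp/special/

# Play 2: append the collected public keys to root's authorized_keys on server1.
- hosts: server1
  remote_user: sdev
  become: yes
  gather_facts: no
  tasks:
    # Runs on the control machine, where fetch stored the keys.
    - name: get key list
      shell: cat /tmp/special/*/root/.ssh/id_rsa.pub
      connection: local
      register: key_list
    # lineinfile only adds a line that is not already present in the file.
    - name: add keys
      lineinfile:
        dest: /root/.ssh/authorized_keys
        line: "{{ item }}"
      with_items: "{{ key_list.stdout_lines }}"
    - name: remove old keys
      file: path=/tmp/special state=absent
      connection: local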
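This playbook makes both steps idempotent: when creating key pairs, a host that already has a key pair does not get a new one; and when adding public keys, a key that is already present in the authorized_keys file is not added a second time.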
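The same two guarantees can be expressed with dedicated modules instead of `shell` and `lineinfile`. The following is an added example, not part of the original playbook; it assumes the `community.crypto` and `ansible.posix` collections are installed, reuses the page's host groups and users, and passes public keys through registered variables so no staging directory under /tmp is needed.

```yaml
- hosts: servers
  remote_user: ubuntu
  become: yes
  gather_facts: no
  tasks:
    - name: ensure /root/.ssh exists
      ansible.builtin.file:
        path: /root/.ssh
        state: directory
        mode: "0700"

    - name: create key pair only if none exists
      community.crypto.openssh_keypair:
        path: /root/.ssh/id_rsa
        type: rsa
        size: 2048
        comment: com
        regenerate: never   # never replace an existing private key
      register: keypair     # keypair.public_key holds the public key text

- hosts: server1
  remote_user: sdev
  become: yes
  gather_facts: no
  tasks:
    - name: authorize each server's root public key
      ansible.posix.authorized_key:
        user: root
        key: "{{ hostvars[item].keypair.public_key }}"
        state: present      # no change if the key is already authorized
      loop: "{{ groups['servers'] }}"
      # skip hosts that were unreachable in the first play
      when: hostvars[item].keypair is defined
```

Running it twice should report `changed=0` on the second run for both plays, which is a quick check that neither key generation nor authorization is repeated.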