2022-05-31 04:36:55 +00:00
|
|
|
---
|
|
|
|
- name: Setup git config
|
|
|
|
copy:
|
2023-01-14 23:26:17 +00:00
|
|
|
src: .gitconfig
|
2022-05-31 04:36:55 +00:00
|
|
|
dest: /root/.gitconfig
|
|
|
|
owner: root
|
|
|
|
mode: u=rw,g=,o=
|
|
|
|
|
2022-08-02 18:49:02 +00:00
|
|
|
# make sure our vps trusts the github.com key signature. we pipe the output
|
|
|
|
# of ssh-keyscan into .ssh/known_hosts
|
|
|
|
|
2022-05-31 05:13:46 +00:00
|
|
|
- name: Scan for SSH host keys
|
|
|
|
command: ssh-keyscan github.com 2>/dev/null
|
2022-05-31 04:36:55 +00:00
|
|
|
register: ssh_scan
|
2023-01-20 02:50:30 +00:00
|
|
|
changed_when: false
|
2022-05-31 04:36:55 +00:00
|
|
|
|
2023-01-20 02:50:30 +00:00
|
|
|
- name: Update .ssh/known_hosts
|
|
|
|
blockinfile:
|
|
|
|
path: /root/.ssh/known_hosts
|
|
|
|
block: "{{ ssh_scan.stdout_lines|join('\n') }}"
|
|
|
|
insertbefore: BOF
|
|
|
|
create: yes
|
2022-05-31 05:13:46 +00:00
|
|
|
owner: root
|
|
|
|
mode: u=rw,g=,o=
|
2022-05-31 04:36:55 +00:00
|
|
|
|
2022-08-02 18:49:02 +00:00
|
|
|
# this keypair is trusted under my github account, so it allows my vps to make pushes
|
2023-01-20 02:50:30 +00:00
|
|
|
# to the main branch of my openpunk repository. (see roles/deadswitchfiles/imdead.sh)
|
2022-08-02 18:49:02 +00:00
|
|
|
|
2022-05-31 05:13:46 +00:00
|
|
|
- name: Install ssh priv key
|
|
|
|
copy:
|
2022-05-31 04:36:55 +00:00
|
|
|
src: secrets/id_ed25519
|
2022-05-31 04:39:32 +00:00
|
|
|
dest: /root/.ssh/id_ed25519
|
2022-05-31 05:13:46 +00:00
|
|
|
mode: u=rw,g=,o=
|
2022-05-31 04:39:32 +00:00
|
|
|
|
2022-05-31 05:13:46 +00:00
|
|
|
- name: Install ssh pub key
|
|
|
|
copy:
|
2022-05-31 04:39:32 +00:00
|
|
|
src: secrets/id_ed25519.pub
|
|
|
|
dest: /root/.ssh/id_ed25519.pub
|