Zolfa
9e721636d5
library/gen_passwd.py: from Python 2 to 3
5 years ago
Zolfa
1ca9f816d8
roles/ssh_server: multi key and OpenSSH v8 support
Add support for OpenSSH v8 (output of `ssh-keygen` changed slightly) in
module `ssh_cert` and use a better implementation for multiple user CA.
Now we are reading user_ca from `group_vars/all.yaml`.
`user_ca_keys` should be a list of each allowed User CA on one host (in
this way it is easier to rotate CAs without reissuing keys to each user at
the same time).
The production CA must be the first one in the list. Host certificate
will be checked only against the first CA and updated if their host key
was issued from another CA in the list.
For this reason now we are using a template to create
`/etc/ssh/user_ca.pub` on the target, to preserve the key order.
`group_vars/all.yaml.example` has been updated to reflect the new usage.
5 years ago
Zolfa
c760358160
library/ssh_cert.py: make it work with python3
Mainly string vs bytes-string issues.
Compatibility with Python 2.x now broken.
5 years ago
Edoardo Putti
b6ca4aba33
[fix] typo in cert_request module
6 years ago
Edoardo Putti
7333719055
draft for sign_request module
6 years ago
Edoardo Putti
cc9e7d8193
default failed attribute to False
7 years ago
Edoardo Putti
b0b87a4fe7
add return codes conforming to ssh-keycheck
7 years ago
Edoardo Putti
56614c0acc
parse ssh-keygen output from python
this module will help parsing the result of ssh certificates
and certification authorities to validate them
7 years ago
Andrea Cimbalo
aa5068db05
Use default ansible folder for filter and connection plugin
7 years ago
Edoardo Putti
8696ac54b3
move filter to library
7 years ago
Andrea Cimbalo
1d0e62b2f3
move vm ssh-server to a separate role and use lxc_ssh connection plugin to execute it on the lxc_guest
8 years ago
Andrea Cimbalo
26c4317049
don't mark host as changed on container_exists
8 years ago
Edoardo Putti
52a28d9e85
move exit result in container function
8 years ago
Edoardo Putti
247237fd2e
handle failure message
8 years ago
Edoardo Putti
0f29d996b7
pass module to file_read function
8 years ago
Edoardo Putti
30b45c79e0
remove redundant key
8 years ago
Edoardo Putti
28fa75e1de
handle errors in read_file function
8 years ago
Edoardo Putti
9c0698990e
fix calling convention in lxc.attach_wait for write_file module
8 years ago
Edoardo Putti
8dfed4b191
add draft for reading file in container from ansible
8 years ago
Edoardo Putti
5f855ae471
add draft for writing files to container from ansible
8 years ago
Edoardo Putti
1f7705a321
fix correct instance of result
8 years ago
Edoardo Putti
cd5b1018bb
remove unused functions in module
8 years ago
Edoardo Putti
a29f77b05b
change to more general module usage
8 years ago
Edoardo Putti
3a42c4a9cf
draft for checking host certificate task
8 years ago
Edoardo Putti
aec96166c8
add module container_exists to library
8 years ago
kaos
53b46a8a62
update ldap playbook
9 years ago
Slash
4f950b79cf
Some playbooks full of joy.
9 years ago