Changeset - 9f48ea488876
[Not reviewed]
0 1 0
Branko Majic (branko) - 4 years ago 2021-01-18 21:46:14
branko@majic.rs
MAR-151: Fix authentication issues for backup client in usage instructions:

- Add warning about how Ansible file lookup can mess with trailing
newlines.
- Disable stripping of newlines when reading the backup client SSH
private key.
1 file changed with 10 insertions and 1 deletions:
0 comments (0 inline, 0 general)
docs/usage.rst
Show inline comments
 
@@ -2267,6 +2267,15 @@ So, back to the business:
 

	
 
2. And now to configure backup clients for all servers:
 

	
 
   .. warning::
 
      By default Ansible's file lookup plugin will strip newlines and
 
      spaces from the end of the file. This is a problem when
 
      deploying the RSA ssh keys, since if there is no newline after
 
      the ``-----END OPENSSH PRIVATE KEY-----`` delimeter, ssh client
 
      will report error about the format of the key file being
 
      invalid. Therefore the example below explicitly disables
 
      stripping newline from the end of the file.
 

	
 
   :file:`~/mysite/group_vars/all.yml`
 
   ::
 

	
 
@@ -2277,7 +2286,7 @@ So, back to the business:
 
        - "{{ lookup('file', inventory_dir + '/ssh/bak_rsa_key.pub') }}"
 
        - "{{ lookup('file', inventory_dir + '/ssh/bak_ed25519_key.pub') }}"
 
        - "{{ lookup('file', inventory_dir + '/ssh/bak_ecdsa_key.pub') }}"
 
      backup_ssh_key: "{{ lookup('file', inventory_dir + '/ssh/' + ansible_fqdn) }}"
 
      backup_ssh_key: "{{ lookup('file', inventory_dir + '/ssh/' + ansible_fqdn, rstrip=False) }}"
 

	
 
3. So, looking at the configuration up there, there is a couple of file lookups
 
   for getting the variable values, as well as one pipe lookup for fetching the
0 comments (0 inline, 0 general)