|
@@ -2098,7 +2098,6 @@ straight to it:
|
|
|
---
|
|
|
|
|
|
backup_host_ssh_private_keys:
|
|
|
dsa: "{{ lookup('file', inventory_dir + '/ssh/bak_dsa_key') }}"
|
|
|
rsa: "{{ lookup('file', inventory_dir + '/ssh/bak_rsa_key') }}"
|
|
|
ed25519: "{{ lookup('file', inventory_dir + '/ssh/bak_ed25519_key') }}"
|
|
|
ecdsa: "{{ lookup('file', inventory_dir + '/ssh/bak_ecdsa_key') }}"
|
|
@@ -2106,7 +2105,6 @@ straight to it:
|
|
|
3. Since we have decided to specify the keys above through file lookup, the
|
|
|
above-listed keys now need to be generated::
|
|
|
|
|
|
ssh-keygen -f ~/mysite/ssh/bak_dsa_key -N '' -t dsa
|
|
|
ssh-keygen -f ~/mysite/ssh/bak_rsa_key -N '' -t rsa
|
|
|
ssh-keygen -f ~/mysite/ssh/bak_ed25519_key -N '' -t ed25519
|
|
|
ssh-keygen -f ~/mysite/ssh/bak_ecdsa_key -N '' -t ecdsa
|
|
@@ -2163,7 +2161,6 @@ So, back to the business:
|
|
|
backup_encryption_key: "{{ lookup('pipe', 'gpg --homedir ~/mysite/gnupg/ --armour --export-secret-keys ' + ansible_fqdn ) }}"
|
|
|
backup_server: bak.example.com
|
|
|
backup_server_host_ssh_public_keys:
|
|
|
- "{{ lookup('file', inventory_dir + '/ssh/bak_dsa_key.pub') }}"
|
|
|
- "{{ lookup('file', inventory_dir + '/ssh/bak_rsa_key.pub') }}"
|
|
|
- "{{ lookup('file', inventory_dir + '/ssh/bak_ed25519_key.pub') }}"
|
|
|
- "{{ lookup('file', inventory_dir + '/ssh/bak_ecdsa_key.pub') }}"
|