yurihs.autossh

Panoramica Versioni Approfondimenti

Ansible Role: autossh

Ansible Galaxy Badge

  • Installs autossh and sets up systemd services to keep SSH tunnels open.
  • Finds host keys to prevent prompts for host key verification.

This project was copied from memiah/ansible-role-autossh and modified to work on Debian systems instead of RedHat.

Make sure that the SSH user exists and has the necessary permissions to connect to the remote server. The corresponding SSH key must also be available on the local server.

Role variables (default values)

autossh_connections:
  - id: "example" # Unique identifier for the connection (allowed characters: "a-z,0-9,-").
    user: "" # Username for the remote server connection.
    server: "" # IP address or hostname of the remote server.
    server_key_type: "" # Type of key for the remote server, defaults to autossh_default_server_key_type. (Optional)
    local_port: "" # Port on the local machine to forward.
    dest_server: "" # IP address or hostname to use on the remote server, defaults to autossh_default_dest_server. (Optional)
    dest_port: "" # Port on the remote server to connect to.
    identity_file: "" # Path to the SSH private key, defaults to autossh_default_ssh_key_path. (Optional)

You can specify multiple SSH connection settings here.

autossh_path: "/usr/bin/autossh"

Path where autossh is installed.

autossh_ssh_dir: "/root/.ssh"

Directory for SSH configuration files.

autossh_systemd_dir: "/etc/systemd/system/"

Directory for systemd system files.

autossh_known_hosts_file: "{{ autossh_ssh_dir }}/known_hosts"

Path to the known hosts file.

autossh_default_server_key_type: "ecdsa"

Default key type for the remote server. You can change this for a specific connection using the server_key_type option in the autossh_connections list. 

autossh_default_dest_server: "127.0.0.1"

Default IP address or hostname to use on the remote server, usually localhost or 127.0.0.1. You can change this for a specific connection using the dest_server option in the autossh_connections list. 

autossh_default_identity_file: "/root/.ssh/id_rsa"

Default path to the file containing the identity (private key) for public key authentication, which is /root/.ssh/id_rsa for version 2. You can change this for a specific connection using the identity_file option in the autossh_connections list.

Example

To forward local port 33061 to port 3306 on db.example.com, connecting via SSH as [email protected], use the following configuration:

- hosts: backup
  vars:
    autossh_connections:
      - id: mysql
        user: backup
        server: db.example.com
        local_port: '33061'
        dest_port: '3306'
  roles:
    - role: yurihs.autossh
      become: true

This will create a new service called autossh-backup.service, which can be managed using systemctl commands:

systemctl status autossh-backup.service
systemctl restart autossh-backup.service
...

Authors

This role was created in 2016 by Memiah Limited.

The adaptation for Debian was done in 2019 by yurihs.

Informazioni sul progetto

Ansible role for configuring multiple autossh connections

role autossh ssh tunnel
Installa
ansible-galaxy install yurihs.autossh
GitHub repository
1 stelle
0 fork
0 problemi aperti
Licenza
mit
Download
3.2k
Proprietario