solutionDrive.deployment
Role Name
Role to prepare Servers for Deployment. Place ssh-key-Pairs for Authentication with Git-Repositorys
Requirements
none
Role Variables
Dependencies
none
Example Playbook
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
BSD
Files
the following files are encrypted with our base password:
- auth.json
- id_rsa
- id_rsa.pub
This will only work in Projects which are using this insecure base-Password. To be able to use this role in Projects with greater security-needs (with different vaultpass), this files can be placed in the files-directory of the Ansible-Project and can be re-encrypted with the new Password. It is important that
- the files are named differently
- the default-Variables of this role containing the standard-Filenames are overwritten with the new Filenames.
SSH Host Keys
The public keys for the following SSH hosts are stored here:
- github.com
- bitbucket.org
- packagist.org
This is important to avoid scanning for ssh keys on each ansible run.
They can be obtained/generated by:
ssh-keyscan -t rsa {bitbucket.org,github.com,packagist.org}
Please make sure that they are up-to-date and correct(!). You can find the fingerprints here:
- https://help.github.com/articles/github-s-ssh-key-fingerprints/
- https://confluence.atlassian.com/bitbucket/troubleshoot-ssh-issues-271943403.html
Author Information
Matthias Alt alt@solutiondrive.de
ansible-galaxy install solutionDrive.deployment