| author | alex <alex@pdp7.net> | 2023-01-09 21:28:47 +0100 |
|---|---|---|
| committer | alex <alex@pdp7.net> | 2023-01-09 21:28:47 +0100 |
| commit | f94ade6da8575fbe7488ba102d3e06706f832c6e (patch) | |
| tree | a845025b0a45076b83342fa8d8a13027abfdfbc5 /personal_infra | |
| parent | 89071cb8f8dd54adff3ba9f59749c015a1716507 (diff) | |
Add setup_tinc_keys
Diffstat (limited to 'personal_infra')
| -rw-r--r-- | personal_infra/playbooks/setup_tinc_keys.yaml | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/personal_infra/playbooks/setup_tinc_keys.yaml b/personal_infra/playbooks/setup_tinc_keys.yaml
new file mode 100644
index 00000000..bdd67116
--- /dev/null
+++ b/personal_infra/playbooks/setup_tinc_keys.yaml
@@ -0,0 +1,27 @@
+---
+- hosts: tinc
+ tasks:
+ - name: create tinc folder
+ file:
+ path: /etc/ansible/tinc/
+ state: directory
+ recurse: yes
+ - name: generate key
+ command: openssl genrsa -out /etc/ansible/tinc/private.pem 2048
+ args:
+ creates: /etc/ansible/tinc/private.pem
+ - name: generate public
+ command: openssl rsa -in /etc/ansible/tinc/private.pem -outform PEM -pubout -out /etc/ansible/tinc/public_{{ network.public_hostname }}.pem
+ args:
+ creates: /etc/ansible/tinc/public_{{ network.public_hostname }}.pem
+ - name: get public
+ fetch:
+ src: "/etc/ansible/tinc/public_{{ network.public_hostname }}.pem"
+ dest: /tmp/
+ flat: yes
+ - name: distribute public
+ copy:
+ src: "/tmp/public_{{ hostvars[item].network.public_hostname }}.pem"
+ dest: "/etc/ansible/tinc/"
+ with_inventory_hostnames:
+ - tinc |
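Review bot: The `get public` task stages every host's public key in the controller's world-writable `/tmp/` under a predictable name, and `distribute public` then installs whatever sits at that path on all tinc nodes. On a controller shared with other local users, the file could be replaced between the two tasks, so peers would end up trusting a key that did not come from the named host. Staging in a directory owned by the run avoids this, for example `dest: "{{ playbook_dir }}/fetched_keys/"` in `fetch` with the matching `src` prefix in `copy`. Separately, `create tinc folder` and `generate key` set no permissions, so the mode of the directory and of `private.pem` depends on the remote umask and, presumably, the openssl version. Adding `mode: "0700"` to the `file` task, plus a follow-up `file` task that sets `mode: "0600"` on `/etc/ansible/tinc/private.pem`, would pin both.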
