From: alex Date: Mon, 9 Jan 2023 20:28:47 +0000 (+0100) Subject: Add setup_tinc_keys X-Git-Tag: 20240214-emacs~513 X-Git-Url: https://xn--ix-yja.es/gitweb/?a=commitdiff_plain;h=f94ade6da8575fbe7488ba102d3e06706f832c6e;p=alex.git Add setup_tinc_keys
---
diff --git a/personal_infra/playbooks/setup_tinc_keys.yaml b/personal_infra/playbooks/setup_tinc_keys.yaml
new file mode 100644
index 0000000..bdd6711
--- /dev/null
+++ b/personal_infra/playbooks/setup_tinc_keys.yaml
@@ -0,0 +1,27 @@
+---
+- hosts: tinc
+ tasks:
+ - name: create tinc folder
+ file:
+ path: /etc/ansible/tinc/
+ state: directory
+ recurse: yes
+ - name: generate key
+ command: openssl genrsa -out /etc/ansible/tinc/private.pem 2048
+ args:
+ creates: /etc/ansible/tinc/private.pem
+ - name: generate public
+ command: openssl rsa -in /etc/ansible/tinc/private.pem -outform PEM -pubout -out /etc/ansible/tinc/public_{{ network.public_hostname }}.pem
+ args:
+ creates: /etc/ansible/tinc/public_{{ network.public_hostname }}.pem
+ - name: get public
+ fetch:
+ src: "/etc/ansible/tinc/public_{{ network.public_hostname }}.pem"
+ dest: /tmp/
+ flat: yes
+ - name: distribute public
+ copy:
+ src: "/tmp/public_{{ hostvars[item].network.public_hostname }}.pem"
+ dest: "/etc/ansible/tinc/"
+ with_inventory_hostnames:
+ - tinc
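Review bot: The `get public` and `distribute public` tasks stage every peer's public key under `/tmp/` on the control node with a predictable file name, so if the controller has other local users, or a host is skipped in a run and an older file is still there, the key that `copy` pushes to all tinc hosts may not be the one that host actually generated. These files are what each node will trust for its peers, so they are better staged in a directory only the Ansible user can write, for example `dest: "{{ playbook_dir }}/fetched_keys/"` in `fetch` and `src: "{{ playbook_dir }}/fetched_keys/public_{{ hostvars[item].network.public_hostname }}.pem"` in `copy` (the directory name is only an illustration). Separately, `create tinc folder` sets no permissions, so access to the directory holding `private.pem` depends on the remote umask and on how the installed openssl creates the file. Adding `mode: "0700"` to that task and pinning the key to `0600` with a follow-up `file` task would make the intended protection explicit.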