From f94ade6da8575fbe7488ba102d3e06706f832c6e Mon Sep 17 00:00:00 2001
From: alex
Date: Mon, 9 Jan 2023 21:28:47 +0100
Subject: [PATCH] Add setup_tinc_keys
---
personal_infra/playbooks/setup_tinc_keys.yaml | 27 +++++++++++++++++++
1 file changed, 27 insertions(+)
create mode 100644 personal_infra/playbooks/setup_tinc_keys.yaml
diff --git a/personal_infra/playbooks/setup_tinc_keys.yaml b/personal_infra/playbooks/setup_tinc_keys.yaml
new file mode 100644
index 0000000..bdd6711
--- /dev/null
+++ b/personal_infra/playbooks/setup_tinc_keys.yaml
@@ -0,0 +1,27 @@
+---
+- hosts: tinc
+ tasks:
+ - name: create tinc folder
+ file:
+ path: /etc/ansible/tinc/
+ state: directory
+ recurse: yes
+ - name: generate key
+ command: openssl genrsa -out /etc/ansible/tinc/private.pem 2048
+ args:
+ creates: /etc/ansible/tinc/private.pem
+ - name: generate public
+ command: openssl rsa -in /etc/ansible/tinc/private.pem -outform PEM -pubout -out /etc/ansible/tinc/public_{{ network.public_hostname }}.pem
+ args:
+ creates: /etc/ansible/tinc/public_{{ network.public_hostname }}.pem
+ - name: get public
+ fetch:
+ src: "/etc/ansible/tinc/public_{{ network.public_hostname }}.pem"
+ dest: /tmp/
+ flat: yes
+ - name: distribute public
+ copy:
+ src: "/tmp/public_{{ hostvars[item].network.public_hostname }}.pem"
+ dest: "/etc/ansible/tinc/"
+ with_inventory_hostnames:
+ - tinc
--
2.47.3
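Review bot: Nothing in this playbook restricts access to the generated private key: the `create tinc folder` task sets no `mode`, and the permissions of `/etc/ansible/tinc/private.pem` are left to whatever `openssl genrsa` and the remote umask produce. Set `mode: "0700"` on the directory (dropping `recurse: yes`, which would otherwise push that mode onto the files inside) and add a `file` task after `generate key` that pins the key to `0600`, as sketched below; this assumes the consumer of the key runs as the same user Ansible connects as. Separately, `get public` stages every host's public key under predictable names in the controller's `/tmp/`, a shared world-writable directory, which is a weak place to hold keys that `distribute public` then installs as trusted on all peers; a directory only the Ansible user can write would be safer. The indentation in the sketch is assumed, since the page has lost the original whitespace.

```yaml
    # … unchanged: play header (hosts: tinc, tasks:) …
    - name: create tinc folder
      file:
        path: /etc/ansible/tinc/
        state: directory
        mode: "0700"
    # … unchanged: generate key …
    - name: restrict private key permissions
      file:
        path: /etc/ansible/tinc/private.pem
        mode: "0600"
    # … unchanged: generate public, get public, distribute public …
```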