-rw-r--r-- | host_vars/localhost.yml | 4 | ||||
-rw-r--r-- | host_vars/ws-bare01.yml (renamed from host_vars/ws-bentonite.yml) | 0 | ||||
-rw-r--r-- | host_vars/ws-think02.yml | 3 | ||||
-rw-r--r-- | inventory.ini | 11 | ||||
l--------- | playbooks/templates | 1 | ||||
-rw-r--r-- | roles/workstation/tasks/main.yml | 11 | ||||
-rw-r--r-- | roles/workstation/tasks/ssh.yml | 18 | ||||
-rw-r--r-- | roles/workstation/templates/ssh.config.j2 | 11 | ||||
-rw-r--r-- | templates/macros.j2 | 15 |
9 files changed, 74 insertions, 0 deletions
diff --git a/host_vars/localhost.yml b/host_vars/localhost.yml
index 5bb76b0..c212ded 100644
--- a/host_vars/localhost.yml
+++ b/host_vars/localhost.yml
@@ -1,2 +1,6 @@
 ansible_host: 127.0.0.1
 ansible_connection: local
+
+__ip:
+ external: 127.0.0.1
+ internal: 127.0.0.1
diff --git a/host_vars/ws-bentonite.yml b/host_vars/ws-bare01.yml
index dedc166..dedc166 100644
--- a/host_vars/ws-bentonite.yml
+++ b/host_vars/ws-bare01.yml
diff --git a/host_vars/ws-think02.yml b/host_vars/ws-think02.yml
new file mode 100644
index 0000000..3665907
--- /dev/null
+++ b/host_vars/ws-think02.yml
@@ -0,0 +1,3 @@
+__ip:
+ external: dhcp
+ internal: 10.10.0.83
diff --git a/inventory.ini b/inventory.ini
index d335577..dc5c1e7 100644
--- a/inventory.ini
+++ b/inventory.ini
@@ -1,6 +1,17 @@
 [all]
 localhost
+ws-think01
+ws-think02
+ws-bare01
+ws-xps01
+dc0
+stack0
+stack0-dc1
+stack0-cld0
+
+[servers]
+dc0
 stack0
 stack0-dc1
 stack0-cld0
diff --git a/playbooks/templates b/playbooks/templates
new file mode 120000
index 0000000..564a409
--- /dev/null
+++ b/playbooks/templates
@@ -0,0 +1 @@
+../templates
\ No newline at end of file
diff --git a/roles/workstation/tasks/main.yml b/roles/workstation/tasks/main.yml
index c20b81b..87f6188 100644
--- a/roles/workstation/tasks/main.yml
+++ b/roles/workstation/tasks/main.yml
@@ -32,3 +32,14 @@
 file: smartcard.yml
 apply:
 tags: task_smartcard
+
+- name: include ssh setup
+ tags: always
+ include_tasks:
+ file: ssh.yml
+ apply:
+ tags: task_ssh
+ args:
+ apply:
+ become: true
+ become_user: "{{ workstation_user }}"
diff --git a/roles/workstation/tasks/ssh.yml b/roles/workstation/tasks/ssh.yml
new file mode 100644
index 0000000..318198e
--- /dev/null
+++ b/roles/workstation/tasks/ssh.yml
@@ -0,0 +1,18 @@
+- name: create ssh directory
+ file:
+ path: "/home/{{ workstation_user }}/{{ item }}"
+ owner: "{{ workstation_user }}"
+ group: "{{ workstation_user }}"
+ state: directory
+ mode: 0700
+ loop:
+ - .ssh
+ - .ssh/config.d
+
+- name: generate ssh configuration
+ template:
+ src: ssh.config.j2
+ dest: "/home/{{ workstation_user }}/.ssh/config.d/dns.config"
+ owner: "{{ workstation_user }}"
+ group: "{{ workstation_user }}"
+ mode: 0600
diff --git a/roles/workstation/templates/ssh.config.j2 b/roles/workstation/templates/ssh.config.j2
new file mode 100644
index 0000000..2915a1a
--- /dev/null
+++ b/roles/workstation/templates/ssh.config.j2
@@ -0,0 +1,11 @@
+# managed by Ansible
+{% import 'macros.j2' as macros with context %}
+
+{% call(h) macros.loop_valid_hosts("all") %}
+{% set command = "pgrep wg && ! ping -c 1 -w 1 %s" % h.__ip.external %}
+Match originalHost {{ h.inventory_hostname }} exec "{{ command }}"
+ HostName {{ h.__ip.internal }}
+Match originalHost {{ h.inventory_hostname }}
+ HostName {{ h.__ip.external }}
+
+{% endcall %}
diff --git a/templates/macros.j2 b/templates/macros.j2
new file mode 100644
index 0000000..d3f755a
--- /dev/null
+++ b/templates/macros.j2
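Review bot: The new task in roles/workstation/tasks/main.yml sets `apply` in two places, once under `include_tasks:` with `tags: task_ssh` and again under `args:` with `become` / `become_user` (indentation is lost on this page, so this assumes `args:` is a task-level key). The two mappings are not deep-merged, so probably only one `apply` takes effect and either the tag or the switch to `{{ workstation_user }}` is silently dropped. Keep a single `apply:` under `include_tasks:` holding `tags: task_ssh`, `become: true` and `become_user: "{{ workstation_user }}"`, and remove the `args:` block. The hunk begins inside the preceding smartcard include task, whose start is outside the hunk.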
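Review bot: Both `mode:` values in roles/workstation/tasks/ssh.yml are bare integers (`mode: 0700`, `mode: 0600`), which only give the intended permissions when the YAML loader reads a leading-zero number as octal. Writing them as strings, `mode: "0700"` and `mode: "0600"`, removes that dependency and keeps the owner-only permissions on `.ssh` and the generated file explicit. The paths are also built as `/home/{{ workstation_user }}`, which assumes where the home directory lives. Nothing visible in this commit adds an `Include config.d/*` line to the user's `~/.ssh/config`, so `dns.config` may never be read unless that is handled elsewhere.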
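Review bot: In roles/workstation/templates/ssh.config.j2, `h.__ip.external` is rendered twice without any check that it is an address: once inside the `exec` string that ssh passes to the user's shell when it evaluates the `Match`, and once as the fallback `HostName`. host_vars/ws-think02.yml in this same commit sets `external: dhcp`, so for that host the second `Match` block renders `HostName dhcp`, and whenever the first block does not match, ssh connects to whatever the local resolver returns for that name. Skip the fallback for non-address values, for example by wrapping the second `Match` in `{% if h.__ip.external != 'dhcp' %}` … `{% endif %}`. Also shell-quote the value before it goes into the command, `"pgrep wg && ! ping -c 1 -w 1 %s" % (h.__ip.external | quote)`, so that a host variable cannot add shell syntax to a command run on the workstation.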
@@ -0,0 +1,15 @@
+{% macro loop_hosts(group) -%}
+{% for h in groups[group] -%}
+{% set h = dict(hostvars[h]) %}
+{{ caller(h) }}
+{%- endfor %}
+{%- endmacro %}
+
+{% macro loop_valid_hosts(group) -%}
+{% for h in groups[group] -%}
+{% set h = dict(hostvars[h]) %}
+{% if h.__ip.external is defined and h.__ip.internal is defined -%}
+{{ caller(h) }}
+{%- endif %}
+{%- endfor %}
+{%- endmacro %} |
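Review bot: Neither macro in templates/macros.j2 documents what the `caller` block receives or what "valid" means; `loop_valid_hosts` only tests that `__ip.external` and `__ip.internal` are defined, not that they hold usable addresses. A Jinja comment above each macro would make that contract visible to template authors, e.g. `{# calls the caller with a dict copy of hostvars for every host in groups[group] that defines __ip.external and __ip.internal #}`. The two macros differ only in the `if`, and `loop_hosts` has no caller in the files shown in this commit.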