infra: ssh.py annotate

annotate ssh.py @ 12:15c5ce7c74b5

refactor, cleanup, split large deploys

author	drewp@bigasterisk.com
date	Thu, 11 Nov 2021 23:31:21 -0800
parents
children	3d4340fbb16c

rev	line source
12 15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	1 from pyinfra import host
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	2 from pyinfra.facts.server import LinuxDistribution
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	3 from pyinfra.operations import files, systemd
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	4
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	5 is_pi = host.get_fact(LinuxDistribution)['name'] in ['Debian', 'Raspbian GNU/Linux']
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	6
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	7 systemd.service(
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	8 service='ssh',
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	9 running=True,
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	10 enabled=True,
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	11 )
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	12
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	13 files.line(path='/etc/ssh/ssh_config', line="HashKnownHosts", replace="HashKnownHosts no")
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	14
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	15 if is_pi:
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	16 auth_keys = '/home/pi/.ssh/authorized_keys'
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	17 files.file(path=auth_keys, user='pi', group='pi', mode=600)
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	18 for pubkey in [
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	19 'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNlR7hereUHqw/RHQau0F7+vQZKAxduM+SD4R76FhC+4Zi078Pv04ZLe9qdM/NBlB/grLGhG58vaGmnWPpJ3QJs= drewp@plus',
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	20 'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOR+iV8Qm/rAfmq0epXYfnp5ZTfBl8eidFzw1GmyZ3fPUFAshWn839fQ5DPj9xDPtMy9kTtrB5bK1SnynFzDqzQ= drewp@bang',
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	21 ]:
15c5ce7c74b5 refactor, cleanup, split large deploys drewp@bigasterisk.com parents: diff changeset	22 files.line(path=auth_keys, line=pubkey, replace=pubkey)

Mercurial > code > home > repos > infra

annotate ssh.py @ 12:15c5ce7c74b5