Mercurial > code > home > repos > infra

diff ssh.py @ 12:15c5ce7c74b5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
refactor, cleanup, split large deploys
author drewp@bigasterisk.com
date Thu, 11 Nov 2021 23:31:21 -0800
parents
children 3d4340fbb16c
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/ssh.py	Thu Nov 11 23:31:21 2021 -0800
@@ -0,0 +1,22 @@
+from pyinfra import host
+from pyinfra.facts.server import LinuxDistribution
+from pyinfra.operations import files, systemd
+
+is_pi = host.get_fact(LinuxDistribution)['name'] in ['Debian', 'Raspbian GNU/Linux']
+
+systemd.service(
+    service='ssh',
+    running=True,
+    enabled=True,
+)
+
+files.line(path='/etc/ssh/ssh_config', line="HashKnownHosts", replace="HashKnownHosts no")
+
+if is_pi:
+    auth_keys = '/home/pi/.ssh/authorized_keys'
+    files.file(path=auth_keys, user='pi', group='pi', mode=600)
+    for pubkey in [
+            'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNlR7hereUHqw/RHQau0F7+vQZKAxduM+SD4R76FhC+4Zi078Pv04ZLe9qdM/NBlB/grLGhG58vaGmnWPpJ3QJs= drewp@plus',
+            'ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOR+iV8Qm/rAfmq0epXYfnp5ZTfBl8eidFzw1GmyZ3fPUFAshWn839fQ5DPj9xDPtMy9kTtrB5bK1SnynFzDqzQ= drewp@bang',
+    ]:
+        files.line(path=auth_keys, line=pubkey, replace=pubkey)