From d4f8d3c67270fc1b90f79dd02dda1ec715ad2e7e Mon Sep 17 00:00:00 2001 From: Steven Elliott Date: Wed, 10 Sep 2025 11:43:36 +0000 Subject: [PATCH] Fixing an issue with ssh key generation for linux.base_objects --- .gitignore | 3 ++ .../linux/INSTALL/tasks.yml | 35 ++++++++++++++----- .../linux/INSTALL/vars.yml | 10 ++---- 3 files changed, 31 insertions(+), 17 deletions(-) diff --git a/.gitignore b/.gitignore index 9682161..92ca087 100644 --- a/.gitignore +++ b/.gitignore @@ -102,3 +102,6 @@ Session.vim ## Temporary *~ + +artifacts/ +*.installed diff --git a/src/firewheel_repo_linux/linux/INSTALL/tasks.yml b/src/firewheel_repo_linux/linux/INSTALL/tasks.yml index 53d202e..dc3dc0b 100644 --- a/src/firewheel_repo_linux/linux/INSTALL/tasks.yml +++ b/src/firewheel_repo_linux/linux/INSTALL/tasks.yml @@ -10,6 +10,17 @@ state: directory loop: "{{ files }}" +- name: Create parent directories for SSH + ansible.builtin.file: + path: "{{ ssh_profile.path }}" + state: directory + mode: "0700" + +- name: Check if combined_profiles.tgz exists + ansible.builtin.stat: + path: "{{ download_dir }}/combined_profiles.tgz" + register: combined_profiles_stat + - name: Download and verify files ansible.builtin.get_url: url: "{{ item.url }}" 
@@ -17,18 +28,20 @@ checksum: "sha256:{{ item.sha256 }}" loop: "{{ files }}" -- name: Generate SSH key pair (if applicable) - ansible.builtin.openssh_keypair: +- name: Check if SSH private key already exists + ansible.builtin.stat: path: "{{ ssh_profile.path }}/id_rsa" - type: rsa - size: 2048 - when: ssh_profile.ssh_keypair | default(false) + register: ssh_key_status + +- name: Generate SSH key pair using Bash (if not already present) + ansible.builtin.command: > + ssh-keygen -t rsa -b 2048 -f "{{ ssh_profile.path }}/id_rsa" -N "" + when: not ssh_key_status.stat.exists - name: Add public key to authorized_keys ansible.builtin.copy: content: "{{ lookup('file', ssh_profile.path + '/id_rsa.pub') }}" dest: "{{ ssh_profile.path }}/authorized_keys" - when: ssh_profile.ssh_keypair | default(false) - name: Create SSH config file ansible.builtin.copy: @@ -38,22 +51,26 @@ UserKnownHostsFile /dev/null ForwardX11Trusted yes dest: "{{ ssh_profile.path }}/config" - when: ssh_profile.ssh_keypair | default(false) - name: Set permissions for SSH files ansible.builtin.file: path: "{{ ssh_profile.path }}/{{ item.file }}" mode: "{{ item.mode }}" loop: "{{ ssh_profile.permissions }}" - when: ssh_profile.ssh_keypair | default(false) - name: Compress profiles into tarball ansible.builtin.archive: path: - "{{ download_dir }}/profiles" - - "{{ ssh_profile.path }}" dest: "{{ download_dir }}/combined_profiles.tgz" format: gz + when: not combined_profiles_stat.stat.exists + +- name: Set permissions for combined_profiles.tgz + ansible.builtin.file: + path: "{{ download_dir }}/combined_profiles.tgz" + mode: "0666" + when: combined_profiles_stat.stat.exists - name: Clean up temporary files ansible.builtin.file: diff --git a/src/firewheel_repo_linux/linux/INSTALL/vars.yml b/src/firewheel_repo_linux/linux/INSTALL/vars.yml index aa11d51..ba4dfc0 100644 --- a/src/firewheel_repo_linux/linux/INSTALL/vars.yml +++ b/src/firewheel_repo_linux/linux/INSTALL/vars.yml 
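Review bot: The `ssh-keygen` task depends on a separate `stat` of `id_rsa` for idempotence and nothing checks `id_rsa.pub`, so a leftover private key without its public half makes the following `lookup('file', ssh_profile.path + '/id_rsa.pub')` fail. `ansible.builtin.command` can carry the guard itself with `creates: "{{ ssh_profile.path }}/id_rsa"`, which removes the extra task and the registered variable. With the `ssh_profile.ssh_keypair` conditions removed, a passphrase-less key (`-N ""`) is now always generated. A comment on the task saying this is intentional, and that the key ends up in `combined_profiles.tgz`, would help the next reader. `lookup` reads on the Ansible controller while `ssh-keygen` runs on the target host, so this presumably assumes a local play.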
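Review bot: `mode: "0666"` on `combined_profiles.tgz` leaves the archive world-readable and world-writable, and after this commit it holds `profiles/.ssh` with the unencrypted private key and `authorized_keys`, so any local account can read the key or replace the archive's contents. The task is also gated on `combined_profiles_stat`, which is registered in the first tasks.yml hunk before the archive is built, so on a fresh run the archive is created and the mode task is skipped. Setting the mode on the archive task itself, for example `mode: "0640"` (or `"0644"` if other accounts have to read it), would apply it at creation and make the separate task unnecessary. The same early `stat` means an existing tarball is never rebuilt, so an archive from an earlier run keeps whatever it contained.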
@@ -9,14 +9,13 @@ files: dest: ".bashrc" url: "https://github.com/sudonitesh/beautiful-bash/raw/4ad53ee9d1b0e2104e9dd77ae4f74e71262395d5/.bashrc" sha256: "19fca5072753f1bf8da1d4770d7dfe409c84e29ad21bbe92abbe37b7232df249" - - parent: "profiles" + - parent: "." dest: "tmux-cssh" url: "https://gitlab.com/peikk0/tmux-cssh/-/raw/a35957f7d9a0dbfd296b73dbb6f56ee4c193dc56/tmux-cssh" sha256: "cd44ed3321abc190a0a128b944b004857770e8ea18c03952e63a234cb3056098" ssh_profile: - path: "{{ download_dir }}/.ssh" - ssh_keypair: true + path: "{{ download_dir }}/profiles/.ssh" permissions: - file: "authorized_keys" mode: "0600" @@ -26,8 +25,3 @@ ssh_profile: required_files: - destination: "{{ download_dir }}/combined_profiles.tgz" - destination: "{{ download_dir }}/tmux-cssh" - - destination: "{{ mc_dir }}/vm_resources/chpasswd.sh" - - destination: "{{ mc_dir }}/vm_resources/configure_ips.sh" - - destination: "{{ mc_dir }}/vm_resources/set_hostname.sh" - - destination: "{{ mc_dir }}/vm_resources/set_netplan_interfaces.sh" - - destination: "{{ mc_dir }}/vm_resources/set_ulimit.sh"
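Review bot: Nothing in `ssh_profile` records that `path` now has to stay under `profiles/` for the key pair to reach the archive, and the `ssh_keypair` switch that made key generation optional is removed without a replacement. A comment above `path:` would document the coupling, for example `# Under profiles/ so the archive task packs it; holds an unencrypted private key.` The `permissions` list continues outside this hunk, so whether it still covers `id_rsa` cannot be confirmed from here.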