change olam passwordless ssh setup

William Graef · William Graef · commit 9808bc44247c · 2025-01-07T20:53:22.000-05:00
diff --git a/olam/create_instance.yml b/olam/create_instance.yml
@@ -310,7 +310,7 @@
           + groups['server']|default([])
 
     - name: Configure passwordless SSH
-      ansible.builtin.include_tasks: "olam_passwordless_setup.yml"
+      ansible.builtin.include_tasks: "passwordless_setup.yml"
       when: passwordless_ssh
 
     - name: Install Oracle Linux Automation Engine
diff --git a/olam/passwordless_setup.yml b/olam/passwordless_setup.yml
@@ -1,56 +1,53 @@
 ---
-# Copyright (c) 2024, 2025 Oracle and/or its affiliates.
+# Copyright (c) 2024 Oracle and/or its affiliates.
 # This software is made available to you under the terms of the Universal Permissive License (UPL), Version 1.0.
 # The Universal Permissive License (UPL), Version 1.0 (see COPYING or https://oss.oracle.com/licenses/upl)
 # See LICENSE.TXT for details.
 
-- name: Generate ssh keypair for ol-control-node
+- name: Generate ssh keypair for user
   community.crypto.openssh_keypair:
     path: ~/.ssh/id_rsa
     size: 2048
-    comment: olam ssh keypair
+    comment: ol ssh keypair
   become: true
   become_user: "{{ username }}"
-  when: inventory_hostname in groups['control']|default([])
 
-- name: Fetch public key file from ol-control-node
+- name: Fetch public key file from server
   ansible.builtin.fetch:
     src: "~/.ssh/id_rsa.pub"
     dest: "buffer/{{ inventory_hostname }}-id_rsa.pub"
     flat: true
   become: true
   become_user: "{{ username }}"
-  when: inventory_hostname in groups['control']|default([])
 
-- name: Copy public key to ol-host
+- name: Copy public key to each destination
   ansible.posix.authorized_key:
-    user: opc
+    user: "{{ username }}"
     state: present
     key: "{{ lookup('file', 'buffer/{{ item }}-id_rsa.pub') }}"
-  loop: "{{ groups['control'] | flatten(levels=1) }}"
+  loop: "{{ groups['all'] | flatten(levels=1) }}"
   become: true
-  when:
-    - "'remote' in groups"
-    - inventory_hostname in groups['remote']|default([])
 
 - name: Print hostvars for groups
   ansible.builtin.debug:
     msg: "{{ hostvars[item] }}"
   loop: "{{ groups['all'] | flatten(levels=1) }}"
   when: debug_enabled
 
+- name: Print vnc subnet_domain_name
+  ansible.builtin.debug:
+    var: my_subnet_domain_name
+  when: debug_enabled
+
 - name: Accept new ssh fingerprints
   ansible.builtin.shell: |
     ssh-keyscan -t ecdsa-sha2-nistp256 \
     {{ hostvars[item].ansible_hostname }},\
     {{ hostvars[item].ansible_default_ipv4.address }},\
     {{ hostvars[item].ansible_hostname + '.' + my_subnet_domain_name }} >> ~/.ssh/known_hosts
   with_items:
-    - "{{ groups['remote'] }}"
+    - "{{ groups['all'] }}"
   become: true
   become_user: "{{ username }}"
   register: result
   changed_when: result.rc == 0
-  when:
-    - "'remote' in groups"
-    - inventory_hostname in groups['control']|default([])
