From 1dc6e1a0fa6d9fa5d47c58043bf50706af8ce465 Mon Sep 17 00:00:00 2001
From: Defunct
Date: Thu, 27 Oct 2016 19:00:43 +0000
Subject: [PATCH 1/4] resolves #118 - AWS env keys
---
 roles/cloud-ec2/tasks/main.yml | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/roles/cloud-ec2/tasks/main.yml b/roles/cloud-ec2/tasks/main.yml
index eace8c4..e2b0a65 100644
--- a/roles/cloud-ec2/tasks/main.yml
+++ b/roles/cloud-ec2/tasks/main.yml
@@ -1,7 +1,7 @@
 - name: Locate official Ubuntu 16.04 AMI for region
 ec2_ami_find:
- aws_access_key: "{{ aws_access_key }}"
- aws_secret_key: "{{ aws_secret_key }}"
+ aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
+ aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
 name: "ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-*"
 owner: 099720109477
 sort: name
@@ -15,8 +15,8 @@
 - name: Add ssh public key
 ec2_key:
- aws_access_key: "{{ aws_access_key }}"
- aws_secret_key: "{{ aws_secret_key }}"
+ aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
+ aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
 name: VPNKEY
 region: "{{ region }}"
 key_material: "{{ item }}"
@@ -25,8 +25,8 @@
 - name: Configure EC2 security group
 ec2_group:
- aws_access_key: "{{ aws_access_key }}"
- aws_secret_key: "{{ aws_secret_key }}"
+ aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
+ aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
 name: vpn-secgroup
 description: Security group for VPN servers
 region: "{{ region }}"
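Review bot: In all four tasks this patch touches (`ec2_ami_find`, `ec2_key`, `ec2_group`, and `ec2` in the `@@ -51,8` hunk), `default(lookup('env', ...))` applies only when the variable is undefined, so an `aws_access_key` or `aws_secret_key` that is defined but empty is passed through as an empty string and the environment is never consulted. If the wrapper script can hand over an empty value (not visible here), the filter needs its second argument: `"{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'), true) }}"`, and likewise for the secret key. The same expression now appears eight times; defining it once as a variable and referencing that in each task would keep the precedence rule in one place. A comment such as `# credentials: extra-var if set, otherwise AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY from the environment` above the first task would document it.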
@@ -51,8 +51,8 @@
 - name: Launch instance
 ec2:
- aws_access_key: "{{ aws_access_key }}"
- aws_secret_key: "{{ aws_secret_key }}"
+ aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'))}}"
+ aws_secret_key: "{{ aws_secret_key | default(lookup('env','AWS_SECRET_ACCESS_KEY'))}}"
 keypair: "VPNKEY"
 group: vpn-secgroup
 instance_type: t2.nano
From 74b9f0a15a2d466726960eeabc6a840ad6bc5048 Mon Sep 17 00:00:00 2001
From: Defunct
Date: Thu, 27 Oct 2016 19:29:19 +0000
Subject: [PATCH 2/4] support older bash versions - resolves #116
---
 algo | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/algo b/algo
index c24fe1e..eba3eb4 100755
--- a/algo
+++ b/algo
@@ -103,9 +103,10 @@ Enter your aws_secret_key (http://docs.aws.amazon.com/general/latest/gr/managing Note: Make sure to use either your root key (recommended) or an IAM user with an acceptable policy attached [ABCD...]: " -rs aws_secret_key - read -e -p " -Enter the local path to your SSH public key: -: " -i "~/.ssh/id_rsa.pub" -r ssh_public_key + read -p " +Enter the local path to your SSH public key (~/.ssh/id_rsa.pub): " -r ssh_public_key_file +ssh_public_key=${ssh_public_key_file:-$HOME/.ssh/id_rsa.pub} read -p " Name the vpn server:
@@ -154,9 +155,9 @@ gce () { Enter the local path to your credentials JSON file (https://support.google.com/cloud/answer/6158849?hl=en&ref_topic=6262490#serviceaccounts): : " -r credentials_file - read -e -p " -Enter the local path to your SSH public key: -: " -i "~/.ssh/id_rsa.pub" -r ssh_public_key + read -p " +Enter the local path to your SSH public key (~/.ssh/id_rsa.pub): " -r ssh_public_key +ssh_public_key=${ssh_public_key_file:-$HOME/.ssh/id_rsa.pub} read -p " Name the vpn server:
From 437d659eb638545a26395c75f374ab61cc8c95fb Mon Sep 17 00:00:00 2001
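Review bot: The path taken by the new `read -p` in the `@@ -103,9` hunk of `algo` is used without any check, so a typo, or a private-key path such as `~/.ssh/id_rsa` entered by mistake, is only noticed when a later step reads the file. A test right after the default is applied would fail early: `[ -r "$ssh_public_key" ] || { echo "SSH public key not found: $ssh_public_key" >&2; exit 1; }`. A typed `~/...` is also stored literally because `read` does not expand the tilde, while the default uses `$HOME`; whether the consumer expands it is not visible here. The enclosing function starts and ends outside the hunk.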
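Review bot: In the `gce` hunk (`@@ -154,9`) the prompt reads into `ssh_public_key`, but the following line assigns from `ssh_public_key_file`, which is not set anywhere in the visible part of `gce`, so the typed path is discarded in favour of `$HOME/.ssh/id_rsa.pub`. The assignment should be `ssh_public_key=${ssh_public_key:-$HOME/.ssh/id_rsa.pub}`. PATCH 3/4 in this series makes that change; folding it into this commit would leave each commit working on its own. `gce` continues outside the hunk.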
From: Defunct
Date: Sun, 13 Nov 2016 18:44:41 +0000
Subject: [PATCH 3/4] resolves #126 - incorrect private key usage w/o ssh-agent
---
 algo | 8 ++++----
 roles/cloud-ec2/tasks/main.yml | 1 +
 2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/algo b/algo
index eba3eb4..8eeb05a 100755
--- a/algo
+++ b/algo
@@ -105,10 +105,10 @@ Note: Make sure to use either your root key (recommended) or an IAM user with an read -p " -Enter the local path to your SSH public key (~/.ssh/id_rsa.pub): " -r ssh_public_key_file -ssh_public_key=${ssh_public_key_file:-$HOME/.ssh/id_rsa.pub} +Enter the local path to your SSH public key (~/.ssh/id_rsa.pub): " -r ssh_public_key + ssh_public_key=${ssh_public_key:-$HOME/.ssh/id_rsa.pub} - read -p " +read -p " Name the vpn server: [algo]: " -r aws_server_name aws_server_name=${aws_server_name:-algo}
@@ -157,7 +157,7 @@ Enter the local path to your credentials JSON file (https://support.google.com/c read -p " Enter the local path to your SSH public key (~/.ssh/id_rsa.pub): " -r ssh_public_key -ssh_public_key=${ssh_public_key_file:-$HOME/.ssh/id_rsa.pub} + ssh_public_key=${ssh_public_key:-$HOME/.ssh/id_rsa.pub} read -p " Name the vpn server:
diff --git a/roles/cloud-ec2/tasks/main.yml b/roles/cloud-ec2/tasks/main.yml
index e2b0a65..4b8de61 100644
--- a/roles/cloud-ec2/tasks/main.yml
+++ b/roles/cloud-ec2/tasks/main.yml
@@ -66,6 +66,7 @@
 - name: Add new instance to host group
 add_host:
 hostname: "{{ item.public_ip }}"
+ ansible_ssh_private_key_file: "{{ ssh_public_key[:-4] }}"
 groupname: vpn-host
 ansible_ssh_user: ubuntu
 ansible_python_interpreter: "/usr/bin/python2.7"
From e40545cce5ec960ea97bb9da397af3a858882a11 Mon Sep 17 00:00:00 2001
From: defunct
Date: Sun, 27 Nov 2016 12:55:05 -0500
Subject: [PATCH 4/4] opens #126 This commit reverts changes in 437d659 to avoid breaking changes.
---
 roles/cloud-ec2/tasks/main.yml | 1 -
 1 file changed, 1 deletion(-)
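Review bot: `ssh_public_key[:-4]` in the `add_host` task of PATCH 3/4 derives the private-key path by cutting the last four characters off whatever path the user entered, which gives the right file only when that path ends in `.pub`. For any other file name the SSH connection is pointed at a non-existent or unrelated file without any error at this step. Removing the suffix explicitly, `ansible_ssh_private_key_file: "{{ ssh_public_key | regex_replace('\\.pub$', '') }}"`, or asking for the private-key path separately, avoids the silent truncation; a comment stating the `.pub` naming assumption would help in either case. PATCH 4/4 removes this line again.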
diff --git a/roles/cloud-ec2/tasks/main.yml b/roles/cloud-ec2/tasks/main.yml
index 4b8de61..e2b0a65 100644
--- a/roles/cloud-ec2/tasks/main.yml
+++ b/roles/cloud-ec2/tasks/main.yml
@@ -66,7 +66,6 @@
 - name: Add new instance to host group
 add_host:
 hostname: "{{ item.public_ip }}"
- ansible_ssh_private_key_file: "{{ ssh_public_key[:-4] }}"
 groupname: vpn-host
 ansible_ssh_user: ubuntu
 ansible_python_interpreter: "/usr/bin/python2.7"