From 52ffa9394b430c389f781265a4a8ca7dee2d6c6e Mon Sep 17 00:00:00 2001
From: Jack Ivanov
Date: Thu, 12 Sep 2019 13:40:59 +0200
Subject: [PATCH] Windows SSH key permissions workaround
---
 config.cfg | 1 +
 playbooks/cloud-post.yml | 2 +-
 playbooks/cloud-pre.yml | 33 +++++++++++++++++++++------------
 server.yml | 2 +-
 4 files changed, 24 insertions(+), 14 deletions(-)
diff --git a/config.cfg b/config.cfg
index d232348..beca344 100644
--- a/config.cfg
+++ b/config.cfg
@@ -132,6 +132,7 @@ congrats:
 SSH_keys:
 comment: algo@ssh
 private: configs/algo.pem
+ private_tmp: /tmp/algo-ssh.pem
 public: configs/algo.pem.pub
 cloud_providers:
diff --git a/playbooks/cloud-post.yml b/playbooks/cloud-post.yml
index 19c4de6..99a15b4 100644
--- a/playbooks/cloud-post.yml
+++ b/playbooks/cloud-post.yml
@@ -23,7 +23,7 @@
 - name: Additional variables for the server
 add_host:
 name: "{% if cloud_instance_ip == 'localhost' %}localhost{% else %}{{ cloud_instance_ip }}{% endif %}"
- ansible_ssh_private_key_file: "{{ SSH_keys.private }}"
+ ansible_ssh_private_key_file: "{{ SSH_keys.private_tmp }}"
 when: algo_provider != 'local'
 - name: Wait until SSH becomes ready...
diff --git a/playbooks/cloud-pre.yml b/playbooks/cloud-pre.yml
index fb0dee0..44259bd 100644
--- a/playbooks/cloud-pre.yml
+++ b/playbooks/cloud-pre.yml
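Review bot: In config.cfg the new default `private_tmp: /tmp/algo-ssh.pem` is a fixed, predictable name in a world-writable directory, and both the copy task in playbooks/cloud-pre.yml and the `add_host` line in playbooks/cloud-post.yml depend on it. The workaround is not limited to Windows (the only condition visible is `algo_provider != "local"`), so on a shared Linux or macOS host another local account can occupy that name before the run. At minimum the copy then fails, and how the `copy` module treats a file or link that already exists at the destination should be checked before relying on it. A per-user or per-run location avoids the problem, for example a directory created with the `tempfile` module (`state: directory`) with the key placed inside it, or a default under the invoking user's home directory.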
@@ -29,17 +29,26 @@
 delegate_to: localhost
 become: false
-- name: Generate the SSH private key
- openssl_privatekey:
- path: "{{ SSH_keys.private }}"
- size: 2048
- mode: "0600"
- type: RSA
- when: algo_provider != "local"
+- block:
+ - name: Generate the SSH private key
+ openssl_privatekey:
+ path: "{{ SSH_keys.private }}"
+ size: 2048
+ mode: "0600"
+ type: RSA
-- name: Generate the SSH public key
- openssl_publickey:
- path: "{{ SSH_keys.public }}"
- privatekey_path: "{{ SSH_keys.private }}"
- format: OpenSSH
+ - name: Generate the SSH public key
+ openssl_publickey:
+ path: "{{ SSH_keys.public }}"
+ privatekey_path: "{{ SSH_keys.private }}"
+ format: OpenSSH
+
+ - name: Copy the private SSH key to /tmp
+ copy:
+ src: "{{ SSH_keys.private }}"
+ dest: "{{ SSH_keys.private_tmp }}"
+ force: true
+ mode: '0600'
+ delegate_to: localhost
+ become: false
 when: algo_provider != "local"
diff --git a/server.yml b/server.yml
index 0eb7866..b46b650 100644
--- a/server.yml
+++ b/server.yml
@@ -41,7 +41,7 @@
 server: {{ 'localhost' if inventory_hostname == 'localhost' else inventory_hostname }}
 server_user: {{ ansible_ssh_user }}
 {% if algo_provider != "local" %}
- ansible_ssh_private_key_file: {{ ansible_ssh_private_key_file|default(SSH_keys.private) }}
+ ansible_ssh_private_key_file: {{ SSH_keys.private }}
 {% endif %}
 algo_provider: {{ algo_provider }}
 algo_server_name: {{ algo_server_name }}
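Review bot: The task `Copy the private SSH key to /tmp` in playbooks/cloud-pre.yml leaves a second copy of the private key on disk, and nothing in this patch removes it once the deployment is done. Because later plays connect with that copy, the cleanup belongs at the end of the run rather than in this block, preferably in an `always:` section so it also runs on failure: `- name: Remove the temporary SSH key` followed by `file: {path: "{{ SSH_keys.private_tmp }}", state: absent}` with `delegate_to: localhost`. A short comment above the copy task saying why the duplicate exists would also help; going by the commit subject, the permissions on the original cannot be tightened on Windows-mounted filesystems.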
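Review bot: In server.yml, with the `|default(...)` fallback removed, the template always records `SSH_keys.private` as `ansible_ssh_private_key_file`, which keeps the `/tmp` path out of the saved file. If a later playbook reads that value to reconnect (not visible in this patch), it will use the original key whose permissions motivated the workaround, so that path may need the same copy step. A comment on the enclosing task, which starts outside this hunk, would record the intent: `# store the persistent key path; the /tmp copy is only valid during this run`.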