wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-06-07 15:43:54 +02:00
Code Issues Projects Releases Wiki Activity

Change the P12 and SSH passwords only for new users (#550)

Browse source
This commit is contained in:
Jack Ivanov 2017-05-22 04:28:18 +02:00 committed by Dan Guido
parent 40e0363b18
commit ee6db37428
3 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
roles/ssh_tunneling/tasks/main.yml
View file

@ -37,6 +37,7 @@
ssh_key_bits: 256 ssh_key_bits: 256
ssh_key_comment: '{{ item }}@{{ IP_subject_alt_name }}' ssh_key_comment: '{{ item }}@{{ IP_subject_alt_name }}'
ssh_key_passphrase: "{{ easyrsa_p12_export_password }}" ssh_key_passphrase: "{{ easyrsa_p12_export_password }}"
update_password: on_create
state: present state: present
append: yes append: yes
with_items: "{{ users }}" with_items: "{{ users }}"

2
roles/vpn/tasks/openssl.yml
View file

@ -122,7 +122,9 @@
-passout pass:"{{ easyrsa_p12_export_password }}" -passout pass:"{{ easyrsa_p12_export_password }}"
args: args:
chdir: "configs/{{ IP_subject_alt_name }}/pki/" chdir: "configs/{{ IP_subject_alt_name }}/pki/"
creates: private/{{ item }}.p12
with_items: "{{ users }}" with_items: "{{ users }}"
register: p12
- name: Copy the p12 certificates - name: Copy the p12 certificates
copy: copy:

2
users.yml
View file

@ -62,7 +62,7 @@
- debug: - debug:
msg: msg:
- "{{ congrats.common.split('\n') }}" - "{{ congrats.common.split('\n') }}"
- " {{ congrats.p12_pass }}" - " {% if p12.changed %}{{ congrats.p12_pass }}{% endif %}"
tags: always tags: always
rescue: rescue:
- debug: var=fail_hint - debug: var=fail_hint