feat(preinstall_config): Add ability to specify custom SSH key file name

jhampson-dbre · Jun 27, 2022 · 11627bb · 11627bb
1 parent 4d57f46
commit 11627bb
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 7 deletions.
diff --git a/roles/preinstall_config/README.md b/roles/preinstall_config/README.md
@@ -41,6 +41,13 @@ has_reserved_ip: false
 # When set to true, the role will not attempt to create SSH keys
 # or add existing keys to home_assistant_user's authorized keys.
 preinstall_config_leave_my_keys_alone: false
+
+# The name of the SSH key file. If you already have an existing key
+# named id_rsa and want to use a different key for using Ansible with Home Assistant,
+# you can specify an alternate key file name and then use `ansible_ssh_private_key_file`
+# host var, the `-k` ansible cli command line flag, or any other valid method to specify
+# a non-default ssh key file
+preinstall_config_ssk_key_name: id_rsa
 ```
 
 Dependencies

diff --git a/roles/preinstall_config/defaults/main.yml b/roles/preinstall_config/defaults/main.yml
@@ -2,3 +2,4 @@
 home_assistant_user: homeassistant
 has_reserved_ip: false
 preinstall_config_leave_my_keys_alone: false
+preinstall_config_ssh_key_name: id_rsa
diff --git a/roles/preinstall_config/tasks/ssh_keys.yml b/roles/preinstall_config/tasks/ssh_keys.yml
@@ -14,28 +14,31 @@
   delegate_to: localhost
   run_once: true
   loop:
-    - "{{ lookup('env','HOME') + '/.ssh/id_rsa' }}"
-    - "{{ lookup('env','HOME') + '/.ssh/id_rsa.pub' }}"
+    - "{{ lookup('env','HOME') + '/.ssh/' + preinstall_config_ssh_key_name }}"
+    - "{{ lookup('env','HOME') + '/.ssh/' + preinstall_config_ssh_key_name + '.pub' }}"
   loop_control:
     loop_var: key_file
 
 - name: Backup existing SSH private key if we need new keys
   copy:
-    src: "{{ lookup('env','HOME') + '/.ssh/id_rsa' }}"
-    dest: "{{ lookup('env','HOME') + '/.ssh/id_rsa.bak' }}"
+    src: "{{ key_file.stat.path }}"
+    dest: "{{ key_file.stat.path + '.bak' }}"
     backup: yes
     mode: '0600'
   loop: "{{ existing_ssh_key.results }}"
   loop_control:
     loop_var: key_file
-  when: key_file.stat.exists|bool
+  when:
+    - key_file.stat.exists | bool
+    - (not existing_ssh_key.results[0].stat.exists | bool
+      or not existing_ssh_key.results[1].stat.exists | bool)
   become: no
   delegate_to: localhost
   run_once: true
 
 - name: Create SSH key pair on the control machine to connect using home assistant user
   openssh_keypair:
-    path: "{{ lookup('env','HOME') + '/.ssh/id_rsa' }}"
+    path: "{{ lookup('env','HOME') + '/.ssh/' + preinstall_config_ssh_key_name }}"
     comment: "homeassistant"
   when: >-
     not existing_ssh_key.results[0].stat.exists | bool
@@ -48,4 +51,4 @@
   authorized_key:
     user: "{{ home_assistant_user }}"
     state: present
-    key: "{{ lookup('file', lookup('env', 'HOME') + '/.ssh/id_rsa.pub') }}"
+    key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/' + preinstall_config_ssh_key_name + '.pub') }}"