+1 This looks good. Do we need to do any sort of selinux to get it readable by http?
On 2 April 2015 at 09:40, Kevin Fenzi <kevin@xxxxxxxxx> wrote:
When we moved our proxies from puppet to ansible, we forgot to setup
something to copy the ssh_known_hosts file over to them, so anyone who
goes to https://admin.fedoraproject.org/ssh_known_hosts gets a no such
file.
I'd like to add the following patch to the proxies playbook and run
that playbook to correct this.
+1s?
kevin
--
diff --git a/roles/httpd/fingerprints/tasks/main.yml b/roles/httpd/fingerprints/tasks/main.yml
index 74dd152..00afe5c 100644
--- a/roles/httpd/fingerprints/tasks/main.yml
+++ b/roles/httpd/fingerprints/tasks/main.yml
@@ -13,3 +13,7 @@
- fingerprints
- httpd
- httpd/fingerprints
+
+- copy: src="" dest=/etc/ssh/ssh_known_hosts
+ tags:
+ - fingerprints
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
Stephen J Smoogen.
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure