diff --git a/tasks/03_create_key.yml b/tasks/03_create_key.yml index 9ceffbf..d3e7e4e 100644 --- a/tasks/03_create_key.yml +++ b/tasks/03_create_key.yml @@ -14,7 +14,7 @@ group: "{{ borg_group }}" - name: Generate an OpenSSH keypair - when: not borg_ssh_private_key + when: borg_ssh_private_key is undefined community.crypto.openssh_keypair: path: "{{ borg_ssh_key_file_path }}" mode: "0600" @@ -22,16 +22,8 @@ owner: "{{ borg_user }}" group: "{{ borg_group }}" - - name: Generate public key from private key content # Also ensure priv key content is sound - when: borg_ssh_private_key - delegate_to: localhost - community.crypto.openssl_publickey: - path: "{{ borg_ssh_key_file_path }}.pub" - privatekey_content: "{{ borg_ssh_private_key }}" - register: public_key - - name: Copy provided OpenSSH private key - when: public_key.succeeded + when: borg_ssh_private_key is defined ansible.builtin.copy: content: "{{ borg_ssh_private_key }}" dest: "{{ borg_ssh_key_file_path }}" @@ -39,6 +31,22 @@ owner: "{{ borg_user }}" group: "{{ borg_group }}" + - name: Generate public key from private key + when: borg_ssh_private_key is defined + changed_when: false + failed_when: not public_key.stdout.startswith("ssh") + register: public_key + ansible.builtin.command: "ssh-keygen -yf {{ borg_ssh_key_file_path }}" + + - name: Copy provided OpenSSH public key + when: borg_ssh_private_key is defined + ansible.builtin.copy: + content: "{{ public_key.stdout }}" + dest: "{{ borg_ssh_key_file_path }}.pub" + mode: "0666" + owner: "{{ borg_user }}" + group: "{{ borg_group }}" + - name: Read SSH key ansible.builtin.slurp: src: "{{ borg_ssh_key_file_path }}.pub"
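Review bot: In the `@@ -14,7 +14,7 @@` hunk, `when: borg_ssh_private_key is undefined` is true only when the variable is absent everywhere, whereas the old `not borg_ssh_private_key` test suggests the role gave it an empty or false default. If such a default still exists (the defaults file is not visible here), no keypair is ever generated, and the `is defined` tasks in the two later hunks would write an empty private key and then fail at the ssh-keygen step. A condition that covers both cases is `when: borg_ssh_private_key | default('') | length == 0`, with the mirror `when: borg_ssh_private_key | default('') | length > 0` on the three tasks below. The task body continues past the end of this hunk.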
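Review bot: The `Copy provided OpenSSH private key` task in the `@@ -22,16 +22,8 @@` hunk writes `content: "{{ borg_ssh_private_key }}"` without `no_log: true`, so the key material can show up in task output when the play runs with `--diff` or high verbosity. Adding `no_log: true` to this task keeps it out of logs and CI transcripts. With the validation task removed from in front of it, the key is also written to `borg_ssh_key_file_path` before anything has checked it, so a malformed value stays on disk when the later ssh-keygen step fails. The task's remaining arguments lie outside the hunk.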
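Review bot: `mode: "0666"` on the `Copy provided OpenSSH public key` task in the `@@ -39,6 +31,22 @@` hunk makes the `.pub` file writable by every local account, and the `Read SSH key` task right after it slurps that file, so whatever consumes the result would accept a key that any user on the host could have replaced; `mode: "0644"` is enough for a public key. Separately, `failed_when: not public_key.stdout.startswith("ssh")` rejects valid keys whose public form starts with `ecdsa-sha2-` or `sk-`, and `failed_when: public_key.rc != 0` would cover every key type. Passing the command through `argv` instead of a templated string would also keep a key path containing spaces from being split.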