Now you can configure your security. Remember that dicts in parent group merges with dicts in child groups. Warning! Playbook will delete all public keys in root's ```.ssh/authorized_keys``` file and setup own **super** key, only after this public keys in group_vars and host_vars will be added into assigned users ```.ssh/authorized_keys``` files. If you do not want to lost already installed pubkeys add all of them before playbook first run.
**Security issue!** You need to generate your own super key! Run ```ssh-keygen -f superkey``` and replace keys in ```secret/``` directory.
Now you can configure your security with this simple ansible playbook. Remember that dicts in parent group merges with dicts in child groups.
Infrastructure:
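Review bot: The rewritten intro line ("Now you can configure your security with this simple ansible playbook") no longer carries the warning that the playbook deletes all public keys in root's `.ssh/authorized_keys`, so a reader who stops at the top of the README and runs the playbook gets no notice before existing keys are removed. Keep a one-sentence pointer to the "Using master key" section here, ahead of the first point where the reader is told they can start configuring. While this line is being touched, "dicts in parent group merges with" should read "dicts in parent groups merge with".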
@ -33,6 +31,15 @@ You want to make additional access to all nodes for developer guy. Configuring c
You can set additional SSHd options like code below, see defaults of ssh_config role.
```
@ -45,6 +52,13 @@ sshd_options:
No need to make additional config for ```hetzner-balancers``` because access list will be inherited, only admins accessible.
**Using master key**
Warning! Playbook will delete all public keys in root's ```.ssh/authorized_keys``` file and setup own **super** key, only after this public keys in group_vars and host_vars will be added into assigned users ```.ssh/authorized_keys``` files. If you do not want to lost already installed pubkeys then add all of them to this playbook before first run.
**Security issue!** You need to generate your own super key! Run ```ssh-keygen -f superkey``` and replace keys in ```secret/``` directory. DO NOT USE DEMO KEY!
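Review bot: In the last line, "DO NOT USE DEMO KEY!" is the only safeguard against a default checkout installing the demo key from `secret/` as the super key in root's `authorized_keys`; a README warning is easy to miss, so either stop shipping the demo key or have the playbook refuse to run while the key in `secret/` is still the demo one. The `ssh-keygen -f superkey` instruction should also say that the generated private key must stay out of version control, and could name a key type, for example `ssh-keygen -t ed25519 -f superkey`. The heading says "master key" while the text says "super key"; pick one term. "If you do not want to lost" should be "If you do not want to lose".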