Commit 728b7fb3 authored by Todor Kondic's avatar Todor Kondic
Browse files

vnc-tls-auth.yml: New playbook to generate VNC keys

parent cbcce563
# This play is intended to (re)generate TLS keys for VNC
# software. Should not be rerun every time, because it overwrites old
# keys and thus prevent users from logging in, until they get new
# public keys.
- hosts: all
become: True
become_method: sudo
remote_user: adamsmith
become_flags: "-i"
vars_files:
- vars/users.yml
- vars/passwords.yml
tasks:
- name: Create /etc/custom-vnc
file:
path: "/etc/custom-vnc"
state: directory
mode: 0711
- name: Get private ip.
shell: "hostname -I"
register: hip
- name: Get hostname.
shell: "hostname"
register: hname
- name: Generate keys.
script:
chdir: "/etc/custom-vnc"
cmd: "files/etc/gencert {{ hname.stdout }} {{ hip.stdout }}"
- name: Get keys.
fetch:
flat: yes
src: "/etc/custom-vnc/vnc.pub.pem"
dest: "pubkeys/{{ hname.stdout }}.vnc.pub.pem"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment