If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Manage SSH host keys with Ansible

RESOLVED FIXED

Status

Developer Services
Mercurial: hg.mozilla.org
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: gps, Assigned: gps)

Tracking

Details

MozReview Requests

Submitter Diff Changes Open Issues Last Updated
Loading...
Error loading review requests:

Attachments

(1 attachment)

One of the few manual items left on the internal "stand up a new mirror" document is how to install new SSH host keys in authorized_keys and known_hosts files. We already have Ansible manage this in some places. We should finish the work.
Created attachment 8643332 [details]
MozReview Request: ansible/hg-ssh: write out known_hosts file with hgweb host keys (bug 1191095); r?fubar

ansible/hg-ssh: write out known_hosts file with hgweb host keys (bug 1191095); r?fubar

The /etc/mercurial/known_hosts file contains SSH host keys for all the
mirrors. Before, we were maintaining the content of this file manually.
Ansible knows what all the host RSA keys are via facter, so we install
them.
Attachment #8643332 - Flags: review?(klibby)

Updated

2 years ago
Attachment #8643332 - Flags: review?(klibby) → review+
Comment on attachment 8643332 [details]
MozReview Request: ansible/hg-ssh: write out known_hosts file with hgweb host keys (bug 1191095); r?fubar

https://reviewboard.mozilla.org/r/15065/#review13555

Ship It!
url:        https://hg.mozilla.org/hgcustom/version-control-tools/rev/aeda5803eaa30ea1a903fcb6a642e242b171a0e1
changeset:  aeda5803eaa30ea1a903fcb6a642e242b171a0e1
user:       Gregory Szorc <gps@mozilla.com>
date:       Wed Aug 05 10:13:00 2015 -0700
description:
ansible/hg-ssh: write out known_hosts file with hgweb host keys (bug 1191095); r=fubar

The /etc/mercurial/known_hosts file contains SSH host keys for all the
mirrors. Before, we were maintaining the content of this file manually.
Ansible knows what all the host RSA keys are via facter, so we install
them.
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.