From: Sankar Palanivel Date: Tue, 19 Oct 2021 10:36:28 +0000 (+0000) Subject: Merge "Delete openvpn client files" X-Git-Url: https://gerrit.nordix.org/gitweb?a=commitdiff_plain;h=92f0709cd8846488d4c8aba890d412b3e46f8608;hp=c7f4044c91d1b20327391cac793cb49652a2da27;p=infra%2Ftools.git Merge "Delete openvpn client files" --- diff --git a/infra/cleanup_admin_user_access/deploy.sh b/infra/cleanup_admin_user_access/deploy.sh new file mode 100755 index 0000000..002eb80 --- /dev/null +++ b/infra/cleanup_admin_user_access/deploy.sh @@ -0,0 +1,35 @@ +#!/bin/bash +# ============LICENSE_START======================================================= +# Copyright (C) 2021 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +set -o errexit +set -o nounset +set -o pipefail + +#------------------------------------------------------------------------------- +# Cleanup Admin User Access +#------------------------------------------------------------------------------- +echo "Info: Cleanup admin user access" +echo "-------------------------------------------------------------------------" + +export INVENTORY_FILE="${INVENTORY_FILE:-/tmp/inventory.ini}" + +ansible-playbook -i "$INVENTORY_FILE" playbooks/cleanup-admin-user-access.yaml + + +# vim: set ts=2 sw=2 expandtab: \ No newline at end of file diff --git a/infra/cleanup_admin_user_access/playbooks/cleanup-admin-user-access.yaml b/infra/cleanup_admin_user_access/playbooks/cleanup-admin-user-access.yaml new file mode 100644 index 0000000..1537806 --- /dev/null +++ b/infra/cleanup_admin_user_access/playbooks/cleanup-admin-user-access.yaml @@ -0,0 +1,46 @@ +--- +# ============LICENSE_START======================================================= +# Copyright (C) 2021 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +- hosts: baremetal + gather_facts: true + become: false + + tasks: + - name: Remove admin user ssh keys + file: + path: /root/.ssh/{{ item }} + state: absent + with_items: + - id_rsa + - id_rsa.pub + - authorized_keys + +- hosts: jumphost + gather_facts: true + become: false + + tasks: + - name: Remove admin user ssh keys + file: + path: /root/.ssh/{{ item }} + state: absent + with_items: + - id_rsa + - id_rsa.pub + - authorized_keys diff --git a/infra/configure_admin_user_access/playbooks/roles/configure-admin-user-access/tasks/configure-jumphost.yaml b/infra/configure_admin_user_access/playbooks/roles/configure-admin-user-access/tasks/configure-jumphost.yaml index af74252..6255203 100644 --- a/infra/configure_admin_user_access/playbooks/roles/configure-admin-user-access/tasks/configure-jumphost.yaml +++ b/infra/configure_admin_user_access/playbooks/roles/configure-admin-user-access/tasks/configure-jumphost.yaml @@ -72,13 +72,5 @@ path: /etc/sudoers line: "{{ admin_user }} ALL=(ALL:ALL) NOPASSWD: ALL" -- name: Remove nordix ssh keys - file: - path: /root/.ssh/{{ item }} - state: absent - with_items: - - id_rsa - - id_rsa.pub - - authorized_keys # vim: set ts=2 sw=2 expandtab: \ No newline at end of file diff --git a/infra/configure_admin_user_access/playbooks/roles/configure-admin-user-access/tasks/configure-targethosts.yaml b/infra/configure_admin_user_access/playbooks/roles/configure-admin-user-access/tasks/configure-targethosts.yaml index 860b647..d8ac989 100644 --- a/infra/configure_admin_user_access/playbooks/roles/configure-admin-user-access/tasks/configure-targethosts.yaml +++ b/infra/configure_admin_user_access/playbooks/roles/configure-admin-user-access/tasks/configure-targethosts.yaml @@ -54,13 +54,5 @@ path: /etc/sudoers line: "{{ admin_user }} ALL=(ALL:ALL) NOPASSWD: ALL" -- name: Remove nordix ssh keys - file: - path: /root/.ssh/{{ item }} - state: absent - with_items: - - id_rsa - - id_rsa.pub - - authorized_keys # vim: set ts=2 sw=2 expandtab: \ No newline at end of file diff --git a/infra/configure_k8s_admin_config/playbooks/roles/configure-k8s-admin-config/vars/main.yaml b/infra/configure_k8s_admin_config/playbooks/roles/configure-k8s-admin-config/vars/main.yaml index ede070e..fe4b2ba 100644 --- a/infra/configure_k8s_admin_config/playbooks/roles/configure-k8s-admin-config/vars/main.yaml +++ b/infra/configure_k8s_admin_config/playbooks/roles/configure-k8s-admin-config/vars/main.yaml @@ -36,7 +36,6 @@ helm_client_download_url: "https://get.helm.sh/helm-{{ helm_version }}-linux-amd # ------------------------------------------------------------------------------- # Setup k8s admin config # ------------------------------------------------------------------------------- -engine_cache: '/opt/engine/.cache' -k8s_admin_conf: "{{ engine_cache }}/repos/kubespray/inventory/engine/artifacts/admin.conf" +k8s_admin_conf: "/tmp/admin.conf" admin_user: 'nordix' admin_user_kube_dir: "/home/{{ admin_user }}/.kube" \ No newline at end of file