Add terminal server and remove erki's offsite box

inventory.yaml

@@ -19,6 +19,15 @@ all:
             - eaas
             - lauri
 
+        ts.k-space.ee:
+          # Retro Terminal Server
+          ansible_host: 100.103.0.10
+          admins:
+            - eaas
+            - rasmus
+            - arti
+            - kkuusk
+
       children:
         # Documentation at
         # https://wiki.k-space.ee/en/hosting/storage
@@ -27,12 +36,12 @@ all:
             # previously known as nfs, nas
             external.kube.k-space.ee:
               ansible_host: 172.21.3.101
-            offsite:
-              ansible_host: 192.168.30.40
-              admins:
-                - eaas
-              vars:
-                offsite_dataset: offsite/backup_zrepl
+#            offsite:
+#              ansible_host: 192.168.30.40
+#              admins:
+#                - eaas
+#              vars:
+#                offsite_dataset: offsite/backup_zrepl
 
     # Proxmox aka PVE (Proxmox Virtualization Environment) documented
     # https://wiki.k-space.ee/hosting/proxmox

ssh_config

@@ -65,14 +65,6 @@ Host ns1.k-space.ee 172.20.0.2
     UserKnownHostsFile /dev/null
     ControlMaster auto
     ControlPersist 8h
-Host offsite 192.168.30.40
-    User root
-    Hostname 192.168.30.40
-    Port 22
-    GlobalKnownHostsFile known_hosts
-    UserKnownHostsFile /dev/null
-    ControlMaster auto
-    ControlPersist 8h
 Host pve90.proxmox.infra.k-space.ee 172.21.20.90
     User root
     Hostname 172.21.20.90
@@ -105,6 +97,14 @@ Host pve93.proxmox.infra.k-space.ee 172.21.20.93
     UserKnownHostsFile /dev/null
     ControlMaster auto
     ControlPersist 8h
+Host ts.k-space.ee 100.103.0.10
+    User root
+    Hostname 100.103.0.10
+    Port 22
+    GlobalKnownHostsFile known_hosts
+    UserKnownHostsFile /dev/null
+    ControlMaster auto
+    ControlPersist 8h
 Host worker1.kube.k-space.ee 172.21.3.81
     User root
     Hostname 172.21.3.81

update-ssh-config.yaml

@@ -6,6 +6,8 @@
   connection: local
   vars:
     targets: "{{ hostvars[groups['all']] }}"
+  tags:
+    - collect_server_public_keys
   tasks:
     - name: Generate ssh_config
       ansible.builtin.copy:
@@ -40,6 +42,8 @@
   connection: local
   vars:
     targets: "{{ hostvars[groups['all']] }}"
+  tags:
+    - collect_user_public_keys
   tasks:
     - name: Download https://git.k-space.ee/user.keys
       loop:
@@ -47,6 +51,7 @@
         - eaas
         - lauri
         - rasmus
+        - kkuusk
       ansible.builtin.get_url:
         url: https://git.k-space.ee/{{ item }}.keys
         dest: "./{{ item }}.keys"
@@ -57,6 +62,8 @@
     - kubelets
     - doors
     # do NOT put proxmox here! PVE manages its keys and admin keys are manual
+  tags:
+    - push_keys
   tasks:
     - name: Generate /root/.ssh/authorized_keys
       ansible.builtin.copy: