An Ansible Role that manages Hetzner Robot Keys.

• Existing Hetzner Online GmbH Account.
• Configured Hetzner Robot Webservice Account.

Available variables are listed below, along with default values (see defaults/main.yml):

hetzner_key_webservice_base_url: https://robot-ws.your-server.de

Base url that is pointing to the Hetzner Robot API. The variable is mostly utilized for testing purposes, there is no need to change the default.

hetzner_key_webservice_username: robot

Webservice login name. May be set/changed as described in the section Change Access Data (Hetzner Wiki).

hetzner_key_webservice_password: secret

Webservice password. May be set/changed as described in the section Change Access Data (Hetzner Wiki).

hetzner_key_instances:
  - name: New Key
    data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSkT3A1j89RT/540ghIMHXIVwNlAEM3WtmqVG7YN/wYwtsJ8iCszg4/lXQsfLFx\
    YmEVe8L9atgtMGCi5QdYPl4X/c+5YxFfm88Yjfx+2xEgUdOr864eaI22yaNMQ0AlyilmK+PcSyxKP4dzkf6B5Nsw8lhfB5n9F5md6GHLLjOG\
    uBbHYlesKJKnt2cMzzS90BdRk73qW6wJ+MCUWo+cyBFZVGOzrjJGEcHewOCbVs+IJWBFSi6w1enbKGc+RY9KrnzeDKWWqzYnNofiHGVFAuMx\
    rmZOasqlTIKiC2UK3RmLxZicWiQmPnpnjJRo7pL0oYM9r/sIWzD6i2S9szDy6aZ"

Keys may be managed by Ansible specifying them within hetzner_key_instances variable. Keys are referenced by the name attribute. Existing keys stored in the Hetzner Robot Key Management having different names will not be updated nor removed. All keys from the Hetzner Robot Key Management will be provisioned on the target hosts.

hetzner_key_instances:
  - name: New Key
    data: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSkT3A1j89RT/540ghIMHXIVwNlAEM3WtmqVG7YN/wYwtsJ8iCszg4/lXQsfLFx\
    YmEVe8L9atgtMGCi5QdYPl4X/c+5YxFfm88Yjfx+2xEgUdOr864eaI22yaNMQ0AlyilmK+PcSyxKP4dzkf6B5Nsw8lhfB5n9F5md6GHLLjOG\
    uBbHYlesKJKnt2cMzzS90BdRk73qW6wJ+MCUWo+cyBFZVGOzrjJGEcHewOCbVs+IJWBFSi6w1enbKGc+RY9KrnzeDKWWqzYnNofiHGVFAuMx\
    rmZOasqlTIKiC2UK3RmLxZicWiQmPnpnjJRo7pL0oYM9r/sIWzD6i2S9szDy6aZ"
    state: absent

Add state: absent to remove the key from Hetzner Robot Key Management and the target hosts.

hetzner_key_webservice_concurrent_requests: 1
hetzner_key_webservice_concurrent_poll: 1

To speed up the role execution while handling the configuration for multiple keys, the number of parallel requests made to the Hetzner Robot API can be controlled by hetzner_key_webservice_concurrent_requests variable. The poll interval for asynchronous request result processing is set using hetzner_key_webservice_concurrent_poll. Check official documentation on Asynchronous Actions and Polling for more explanation.

Tags can be used to limit the role execution to a particular task module. Following tags are available:

• hetzner_key,config: Covers the full role lifecycle.
• hetzner_key_key: Manages access keys within Hetzner Robot Key Management.
• hetzner_key_host: Configures access keys on the target hosts.

None.

Since the role is managing the communication with the Hetzner Robot API only, it may be run on localhost.

- hosts: all
  roles:
     - nl2go.hetzner_key

Use docker-molecule following the instructions to run Molecule or install Molecule locally (not recommended, version conflicts might appear).

Use following to run tests:

molecule test --all

This role relies on hetzner-robot-api-mock to simulate interactions with the Hetzner Robot API.

• build-failure

See the LICENSE.md file for details.

This role was created by in 2019 by Newsletter2Go GmbH.