c12s-kubespray/roles/bastion-ssh-config/templates/ssh-bastion.conf
Kaleb Elwert 65aa9213d4 Allow connecting to bastion via non-standard SSH port (#7396)
* Allow connecting to bastion via non-standard port

* Fix bastion connection when ansible_port is not provided

(cherry picked from commit 6fa3565dac)
2021-03-29 16:19:56 -07:00

18 lines
709 B
Text

{% set vars={'hosts': ''} %}
{% set user='' %}
{% for h in groups['all'] %}
{% if h not in groups['bastion'] %}
{% if vars.update({'hosts': vars['hosts'] + ' ' + (hostvars[h].get('ansible_ssh_host') or hostvars[h]['ansible_host'])}) %}{% endif %}
{% endif %}
{% endfor %}
Host {{ bastion_ip }}
Hostname {{ bastion_ip }}
StrictHostKeyChecking no
ControlMaster auto
ControlPath ~/.ssh/ansible-%r@%h:%p
ControlPersist 5m
Host {{ vars['hosts'] }}
ProxyCommand ssh -F /dev/null -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -W %h:%p -p {{ bastion_port }} {{ real_user }}@{{ bastion_ip }} {% if ansible_ssh_private_key_file is defined %}-i {{ ansible_ssh_private_key_file }}{% endif %}