intermidate setup3

deployment/02_deploy_to_controller/playbooks/main.yml

@@ -95,14 +95,6 @@
         recurse: yes
       become: yes
 
-    - name: Ensure correct permissions on student-admin key
-      file:
-        path: /opt/CS_553/keys/student-admin-key
-        mode: '0600'
-        owner: ubuntu
-        group: ubuntu
-      become: yes
-
     - name: Ensure .ssh directory exists
       file:
         path: /home/ubuntu/.ssh
@@ -112,18 +104,28 @@
         mode: '0700'
       become: yes
 
-    - name: Copy ED25519 private SSH key from vault
+    - name: Copy student-admin private key
       copy:
-        content: "{{ vault_ssh_private_key }}"
-        dest: /home/ubuntu/.ssh/id_ed25519
+        content: "{{ student_admin_private_key }}"
+        dest: /home/ubuntu/.ssh/student-admin-key
         owner: ubuntu
         group: ubuntu
         mode: '0600'
       become: yes
 
-    - name: Ensure correct permissions on ED25519 key
-      file:
-        path: /home/ubuntu/.ssh/id_ed25519
+    - name: Copy student-admin public key
+      copy:
+        content: "{{ student_admin_public_key }}"
+        dest: /home/ubuntu/.ssh/student-admin-key.pub
+        owner: ubuntu
+        group: ubuntu
+        mode: '0644'
+      become: yes
+
+    - name: Copy ED25519 private SSH key
+      copy:
+        content: "{{ vault_ssh_private_key }}"
+        dest: /home/ubuntu/.ssh/id_ed25519
         owner: ubuntu
         group: ubuntu
         mode: '0600'
@@ -162,10 +164,10 @@
       become: yes
       become_user: ubuntu
 
-    - name: Check if initial setup script has been run
+    - name: Check if initial setup flag file exists
       stat:
         path: /home/ubuntu/.initial_setup_complete
-      register: setup_check
+      register: setup_flag
 
     - name: Run initial setup shell script with Tailscale key
       command: >
@@ -174,7 +176,16 @@
         chdir: /opt/CS_553/deployment/02_deploy_to_controller
       become: yes
       become_user: ubuntu
-      when: not setup_check.stat.exists
+      when: not setup_flag.stat.exists
+
+    - name: Create initial setup flag file
+      file:
+        path: /home/ubuntu/.initial_setup_complete
+        state: touch
+        owner: ubuntu
+        group: ubuntu
+        mode: '0644'
+      when: not setup_flag.stat.exists
 
     - name: Ensure .ansible directory exists
       file:
@@ -187,7 +198,7 @@
 
     - name: Copy vault password file from local machine
       copy:
-        src: /path/to/local/vault_password.txt
+        src: ../../.secrets/password.txt
         dest: /home/ubuntu/.ansible/vault_password.txt
         owner: ubuntu
         group: ubuntu

deployment/02_deploy_to_controller/scripts/initial_ssh_config.sh

@@ -35,14 +35,14 @@ test_ssh_connection() {
 }
 
 # Backup the existing authorized_keys file
-ssh $SSH_OPTIONS -i /opt/CS_553/keys/student-admin-key -J turing.wpi.edu student-admin@app <<EOF || handle_error "Failed to backup authorized_keys"
+ssh $SSH_OPTIONS -i ~/.ssh/student-admin-key -J turing.wpi.edu student-admin@app <<EOF || handle_error "Failed to backup authorized_keys"
     cp ~/.ssh/authorized_keys ~/.ssh/authorized_keys.bak || handle_error "Failed to create backup of authorized_keys"
     echo "Backup of authorized_keys created"
 EOF
 
 # Update authorized_keys file with the new key while keeping existing keys
-ssh $SSH_OPTIONS -i /opt/CS_553/keys/student-admin-key -J turing.wpi.edu student-admin@app <<EOF || handle_error "Failed to update authorized_keys"
-    NEW_KEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIARTYgwoPW+VpBofWGYuHIldh18EUo42PHF/e08Dzcyp admin key CS553"
+ssh $SSH_OPTIONS -i ~/.ssh/student-admin-key -J turing.wpi.edu student-admin@app <<EOF || handle_error "Failed to update authorized_keys"
+    NEW_KEY="$(cat ~/.ssh/id_ed25519.pub)"
     if ! grep -q "\$NEW_KEY" ~/.ssh/authorized_keys; then
         echo "\$NEW_KEY" >> ~/.ssh/authorized_keys || handle_error "Failed to append new key to authorized_keys"
     fi
@@ -55,7 +55,7 @@ if test_ssh_connection; then
   echo "SSH connection with new key successful"
 else
   echo "SSH connection with new key failed. Restoring backup..."
-  ssh $SSH_OPTIONS -i /opt/CS_553/keys/student-admin-key -J turing.wpi.edu student-admin@app <<EOF || handle_error "Failed to restore authorized_keys backup"
+  ssh $SSH_OPTIONS -i ~/.ssh/student-admin-key -J turing.wpi.edu student-admin@app <<EOF || handle_error "Failed to restore authorized_keys backup"
         cp ~/.ssh/authorized_keys.bak ~/.ssh/authorized_keys || handle_error "Failed to restore backup of authorized_keys"
         chmod 600 ~/.ssh/authorized_keys || handle_error "Failed to set permissions on restored authorized_keys"
         echo "Backup of authorized_keys restored"

deployment/02_deploy_to_controller/vars/secrets.yml

@@ -1,32 +1,62 @@
 $ANSIBLE_VAULT;1.1;AES256
-32356435633365366531643665366233363439303333336631616536633863623930643832376466
-3163656465663561656366633633633664373038656437630a373565653666623932343131666163
-30316135353237633132336334666165623235336466316461636564316139323264333139643539
-6466356163663936360a336665653638626536636562326532623037393463333264386234323939
-32613262623131346536363731326431353364393164383163616637373135353730356565623836
-38363438643131623230343432666133653336626665643365633935383831643635393264633465
-38363833313166346165616638363430383139356332303139653962643961623266343965383031
-36306634336132633336323863633136326133336362356365363038366662636232663737363334
-65633933663334323366333330353538316166373566626535356334306639336339333734666337
-38386431366661663239366533383732343361323137323235636337316261383536333165633366
-65333238356638356634303061353733383535636139326134633230313333643639306463373733
-31316165363230356334316433326538316636656239323662313438306161353462333066396661
-37383934333265316630663265643862343462643563646663663865666462666632646264346566
-39633661623434656563376564343165306234626137306431393665376338636339643464653261
-32616636326161396430633739653232383464656538393434396430366239383963373034363233
-30303966633363333137303934383038646266326332393630653734613430316433353864303834
-62353262396138316239326465633638363637326635353261663861373432376364366164623339
-30363463636266613930333539333761356531316431623161626338313361613833323731353361
-36383130376335656237353939633136666665636631343961333437333536343131393237643331
-62623131313437653332346238303361316566313066636439313732633766313930393262666336
-62616633343138653038626464653466356131323831306461666536643063306461343730343663
-38383365306331356165343233353865343935323137333236323439343137343834646638356138
-34636535363861646135326136623661623130336338313735636134656261366631316532333532
-32626237323233323831376539366433633761653532633838373662366433303265343138636365
-36393831623836333033343039323836633632623461333730653438366533313564653738383134
-36353166373239633463333962386235363235633234333361356131323363343439336565623332
-33613766626365303963376335393962643363383665323032636237643431356435653863373930
-31373831363366643738623330316261336366666431646632383239613938363239336531343166
-66396161653265363864323233646139316461646263633764666364313633316465386461663965
-63343830346436306533343264346238623634616135373037366434613737323137653866653434
-303136663233333161366664386533316462
+61343061653061326631316637326430643732663663633337383536386136366263316433613638
+3063636239386564643061333037386433663937666431340a346363633830643233303735646536
+64393631653934323234656363343733366136616661316232393539333361393961653865613437
+3263323862333437300a383633633630383362643736383366366534336632333535636162383561
+38393537333139653633313533306437313537653330333962323365656566646538373262303835
+35393262393433303135613766616435343031616534313932333937626463656465333765393463
+62333730326638326334353966343530303763353731646362636461326165373663613565643536
+37376630646433383163336439343333613961356339613738623863653938613131643633393662
+36616561613831343461343133336435306566323461633432306431303632663436333833306235
+38366238386232316365663033303139623632363030323864353963633762623364336636656661
+30653938333464663635303439323966353539373031353137383164613065666661336336633761
+30376366353035323162343735616439636532633734343731613734366235656165323830646663
+38353466346664336462396630376335303266303331346438306361353738363432396535393964
+62396539393230313535633334623662366331363661333733663133643862313331333663616436
+63363661386332303563636232613938336331303836343233323432323035313638393666616335
+33326563643835353735343232306332376533613132643230646664613234633662346661343338
+39333565323666383731333139633432383035366239333164353037333832643465303438353730
+32303731363038386634373130376262333338326263613230353038613730313531363333303162
+65393032663638336234353966373062633633356264306166636334343262666133663366643465
+39623735616466636630373734353061346362633466303239633166336562326630653130356332
+30323339356566616132323665623132343365326265356234373930356239343539323839643961
+31616138653966363462636639376663613831666630343230383230366261353036333864353363
+31316530316362356162616139326635613739343034343231616331353234623431633430613134
+63376336393334376439643033323733626435303763643663306663643830333763323361396566
+30323363396136336132313035353236653539373738666265626536633661323761646461383564
+64376437666261316561306335636230336463633164613935326636356233393866323531663334
+65336662643432613133313965303434346138373133653734623635336434336564356135356365
+64303539653862363537353765396665383132633433323035383366393439666139353934666562
+66636334336637366536343432323564613537623039396464386263393065306537303631363933
+36656337636563643535366633616439386439613435333835326339376537393334393864313936
+63303764666662666435353732623364356130636165643332656561623931633662376565356437
+38643032393866313738623038636634303735366665363238313330663939623535643337643133
+30313666613739356138363362396362363463616563383562383435356565316432353636623535
+64383839383065343066623334333839643665613136356132643537346430346433373933336539
+31386237666532383037353534333639646138666334386137616339666564333231653162363036
+37336638623737333132346433326239316664316636623861343134643830663733663336636137
+65663035376135363431323834316635663163653638346639613761313938623561383561633066
+64316238613362656335396338313863626630313430653063386430366334653435303434613636
+37313462353630303436326463343763366162313566343737383134333665386435313934373235
+37633536366465346165393637613033643231343263353133333065636566653030346639386539
+32366332396661633935636564653661333333303461633865626236643238303931616662306235
+39613361313162343938616465336362653437313739363730303235333365366364373835383734
+31623562643539363537633635376435303732656230373333343162663038343832333439326136
+63333935613064333365363132353231393136303435386466373237353134396464656262613636
+31356364333064663232386433343761373834306636393031363335336337353336333632613431
+64346138356261643430303966356534356437383463343532336533656265303061386536633961
+36616336313830653435373564663734393964333161616364326338336131616334383639393538
+66373732386137616362346639353032346138323631663961616439386665633530613537356439
+31373136653830663064333430373938643066356636303766313761306339353432616631343566
+33393436343233643865326533386663326535303464626132313833303530646262303938366238
+35316232636139656565383933383831386165303430666537666235626138306166663337343263
+32643034613163323264633730333835333866636330303663616632316261363366616433643336
+38383733656332386537303337386664373737666334613533643835643665306466616564383633
+64643234663665343930303934316531336266313961626565656233316437353636323861346161
+66396430643866323632323164643765623762366130333831663530333736653835623330613335
+35636232653163353732623830343333326639613236323463323362376438643865353563633133
+39633535343339313466653331666239396632333461653765303835363966663738643961326164
+64353762356563393466396338323030306263383964363563616661646662333935653930333862
+33616435313934303435623939313961363336366234306538613336366138623161623733323362
+64666262373435633562333535383830626563633831306434333661376262613539323835313866
+3138