From c35a07f9a8e2d86e4390bdd9d7fa951f00798632 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Emmanuel=20BENO=C3=8ET?= <tseeker@nocternity.net>
Date: Sun, 29 Dec 2024 19:19:04 +0100
Subject: [PATCH] fix: only ignore SSH host keys for local VMs

---
 ansible/files/ssh_config    | 3 ---
 ansible/files/ssh_config.j2 | 4 ++++
 ansible/provision.yml       | 6 +++---
 3 files changed, 7 insertions(+), 6 deletions(-)
 delete mode 100644 ansible/files/ssh_config
 create mode 100644 ansible/files/ssh_config.j2

diff --git a/ansible/files/ssh_config b/ansible/files/ssh_config
deleted file mode 100644
index 6eec83d..0000000
--- a/ansible/files/ssh_config
+++ /dev/null
@@ -1,3 +0,0 @@
-StrictHostKeyChecking no
-UserKnownHostsFile /dev/null
-LogLevel ERROR
diff --git a/ansible/files/ssh_config.j2 b/ansible/files/ssh_config.j2
new file mode 100644
index 0000000..e707886
--- /dev/null
+++ b/ansible/files/ssh_config.j2
@@ -0,0 +1,4 @@
+LogLevel ERROR
+Host *.{{ domain_name }}
+	StrictHostKeyChecking no
+	UserKnownHostsFile /dev/null
diff --git a/ansible/provision.yml b/ansible/provision.yml
index 6f12a3a..73faf10 100644
--- a/ansible/provision.yml
+++ b/ansible/provision.yml
@@ -602,9 +602,9 @@
             path: /home/vagrant/.ssh/config
           register: chezmoi_ssh_config
         - name: Configure SSH for the vagrant user
-          when: not chezmoi_ssh_config.stat.exist
-          ansible.builtin.copy:
-            src: files/ssh_config
+          when: not chezmoi_ssh_config.stat.exists
+          ansible.builtin.template:
+            src: files/ssh_config.j2
             dest: /home/vagrant/.ssh/config
 
         # Configure Vim