Process to set up new development environment is incorrect
The setup.md document is missing the usage of base.yml which calls the sshkeys role to set up key-based SSH access from the development server to the deployment server. The document also states that the new keys created are named id_rsa but are actually now called ansible_role_test_key.
@richardboswell
- the doc says to run site.yml, which calls base.yml in turn. Does that not cover your needs?
- if not, let's consider making a new top level play just for key rotation. Having it as part of the ui setup is a tad misleading.
- definitely need to add the private key into all ansible.cfg that may use the sshkeys role.
- if a different location for the keyfile is desired... we may be better off using a group_vars/all.yml var for ansible_ssh_private_key_file and setting sshkeys_local_final_priv_key: {{ ansible_ssh_private_key_file }}.
The site.yml task file has a comment that states:
Before running this play, assure you ran: ansible-playbook --ask-pass --ask-sudo-pass -i inventory base.yml
Is that inaccurate? I have always run the ansible.yml playbook and the base.yml and ui.yml playbooks for the initial setup and haven't had any issues. I believe that site.yml is only required if you want Chaperone to also act as a router, @tdhite will know (I don't configure the CDS as a router).
In any case we need to properly document the change in the Ansible SSH private key; the ansible.cfg file also needs to be added to the git ignore file. This was not required in previous versions of the sshkeys role as it was assumed (and documented as such) that the standard id_rsa naming format would be used.