Host Import

Import existing host information from SSH config, Ansible, CSV, and known_hosts.

Overview

You can bulk import host information from existing infrastructure management tools. After importing, perform VPN enrollment for each host.

Supported Sources

Source	`--from` value	Default file
SSH config	`ssh-config`	`~/.ssh/config`
Ansible Inventory	`ansible-inventory`	(required)
known_hosts	`known-hosts`	`~/.ssh/known_hosts`
CSV	`csv`	(required)

Basic Usage

bash

# Import from SSH config
nefia hosts import --from ssh-config
 
# Import from Ansible inventory
nefia hosts import --from ansible-inventory --file inventory.yaml
 
# Import from known_hosts
nefia hosts import --from known-hosts
 
# Import from CSV
nefia hosts import --from csv --file hosts.csv

Flags

Flag	Description	Default
`--from`	Source format	(required)
`--file`	Source file path	(ssh-config/known-hosts have defaults)
`--dry-run`	Preview only without making changes	`false`

Source Details

SSH Config

Parses Host entries from ~/.ssh/config.

Extracted fields:

Host -- Used as the host ID
HostName -- Address
User -- SSH user
Port -- SSH port

Entries containing wildcard patterns (*, ?) are skipped.

Ansible Inventory

Supports both YAML and INI formats with automatic detection.

YAML format:

yaml

all:
  hosts:
    web-01:
      ansible_host: 192.168.1.10
      ansible_user: admin
  children:
    webservers:
      hosts:
        web-02:
          ansible_host: 192.168.1.11

INI format:

ini

[webservers]
web-01 ansible_host=192.168.1.10 ansible_user=admin
web-02 ansible_host=192.168.1.11
 
[webservers:vars]
ansible_user=admin

Group names are saved as ansible_group tags.

known_hosts

Extracts hostnames and IPs from ~/.ssh/known_hosts.

Supports [host]:port notation
Hashed entries (|1|...) are skipped
@cert-authority and @revoked markers are skipped

CSV

Parses CSV files with a header row. Column names are case-insensitive.

Required columns (at least one): id, hostname, host, address, ip

Optional columns: user, os, port, tags

Tags column format: key1=value1,key2=value2

csv

id,address,user,os,tags
web-01,192.168.1.10,admin,linux,env=prod,role=web
db-01,192.168.1.20,postgres,linux,env=prod,role=db

Port values are validated to be within the range 1-65535.

Import Flow

Parse the source file (non-fatal issues are displayed as warnings)
Compare differences with the existing configuration (case-insensitive ID comparison)
Display "new" / "exists" status in a table
Confirmation prompt (can be skipped with --dry-run)
Add new hosts to the configuration
Display next steps for each host

plaintext

Next steps:
  nefia vpn invite --name web-01 --os linux
  nefia vpn invite --name db-01 --os linux

Host ID Sanitization

Imported host IDs are automatically sanitized:

Converted to lowercase
Spaces, dots, underscores, and @ are replaced with hyphens
Characters other than alphanumerics and hyphens are removed
Consecutive hyphens are collapsed into one
Leading/trailing hyphens are removed
Truncated to a maximum of 63 characters

Handling Existing Hosts

If a host with the same ID already exists in the configuration, it is skipped. No overwriting is performed.