125 lines
4.1 KiB
YAML
125 lines
4.1 KiB
YAML
---
|
|
- name: Converge
|
|
hosts: all
|
|
become: true
|
|
|
|
pre_tasks:
|
|
- name: Update apt cache.
|
|
package:
|
|
update_cache: true
|
|
cache_valid_time: 600
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Ensure build dependencies are installed (RedHat).
|
|
package:
|
|
name:
|
|
- openssh-server
|
|
- openssh-clients
|
|
state: present
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Ensure build dependencies are installed (Fedora).
|
|
package:
|
|
name: procps
|
|
state: present
|
|
when: ansible_distribution == 'Fedora'
|
|
|
|
- name: Ensure build dependencies are installed (Debian).
|
|
package:
|
|
name:
|
|
- openssh-server
|
|
- openssh-client
|
|
state: present
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Ensure auth.log file is present.
|
|
copy:
|
|
dest: /var/log/auth.log
|
|
content: ""
|
|
force: false
|
|
mode: 0644
|
|
when: ansible_distribution == 'Debian'
|
|
|
|
roles:
|
|
- role: palkx.users
|
|
vars:
|
|
users_groups:
|
|
admin:
|
|
gid: 1000
|
|
admin1:
|
|
gid: 1001
|
|
admin2:
|
|
gid: 1002
|
|
admin3:
|
|
gid: 1003
|
|
admin4:
|
|
gid: 1004
|
|
remote-users:
|
|
gid: 856
|
|
users:
|
|
admin:
|
|
shell: /bin/sh
|
|
uid: 1000
|
|
groups:
|
|
- admin
|
|
- remote-users
|
|
passwords:
|
|
# Generated with openssl passwd -6 -salt xyz testpass
|
|
default: $6$xyz$nz7SVil2FgVuZ4wjm/1PO31S1QyGBUPVClD55.anfY2pEjs9fUXceRVGsghlUh2I9Jsc2awuh94KOXmNJTcv.0
|
|
authorized_keys:
|
|
default:
|
|
# yamllint disable-line rule:line-length
|
|
key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAxFJolWPmbFVMMyD9kxQb353ngyUsEebgkK9AcnjOI cardno:13_460_390'
|
|
admin1:
|
|
shell: /bin/sh
|
|
uid: 1001
|
|
groups:
|
|
- admin1
|
|
- remote-users
|
|
passwords:
|
|
# Generated with openssl passwd -6 -salt xyz testpass
|
|
default: $6$xyz$nz7SVil2FgVuZ4wjm/1PO31S1QyGBUPVClD55.anfY2pEjs9fUXceRVGsghlUh2I9Jsc2awuh94KOXmNJTcv.0
|
|
authorized_keys:
|
|
default:
|
|
# yamllint disable-line rule:line-length
|
|
key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAxFJolWPmbFVMMyD9kxQb353ngyUsEebgkK9AcnjOI cardno:13_460_390'
|
|
admin2:
|
|
shell: /bin/sh
|
|
uid: 1002
|
|
groups:
|
|
- admin2
|
|
- remote-users
|
|
passwords:
|
|
# Generated with openssl passwd -6 -salt xyz testpass
|
|
default: $6$xyz$nz7SVil2FgVuZ4wjm/1PO31S1QyGBUPVClD55.anfY2pEjs9fUXceRVGsghlUh2I9Jsc2awuh94KOXmNJTcv.0
|
|
authorized_keys:
|
|
default:
|
|
# yamllint disable-line rule:line-length
|
|
key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAxFJolWPmbFVMMyD9kxQb353ngyUsEebgkK9AcnjOI cardno:13_460_390'
|
|
admin3:
|
|
shell: /bin/sh
|
|
uid: 1003
|
|
groups:
|
|
- admin3
|
|
- remote-users
|
|
passwords:
|
|
# Generated with openssl passwd -6 -salt xyz testpass
|
|
default: $6$xyz$nz7SVil2FgVuZ4wjm/1PO31S1QyGBUPVClD55.anfY2pEjs9fUXceRVGsghlUh2I9Jsc2awuh94KOXmNJTcv.0
|
|
authorized_keys:
|
|
default:
|
|
# yamllint disable-line rule:line-length
|
|
key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAxFJolWPmbFVMMyD9kxQb353ngyUsEebgkK9AcnjOI cardno:13_460_390'
|
|
admin4:
|
|
shell: /bin/bash
|
|
uid: 1004
|
|
groups:
|
|
- admin4
|
|
- remote-users
|
|
passwords:
|
|
# Generated with openssl passwd -6 -salt xyz testpass
|
|
default: $6$xyz$nz7SVil2FgVuZ4wjm/1PO31S1QyGBUPVClD55.anfY2pEjs9fUXceRVGsghlUh2I9Jsc2awuh94KOXmNJTcv.0
|
|
authorized_keys:
|
|
default:
|
|
# yamllint disable-line rule:line-length
|
|
key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIAxFJolWPmbFVMMyD9kxQb353ngyUsEebgkK9AcnjOI cardno:13_460_390'
|