66 lines
1.3 KiB
YAML
66 lines
1.3 KiB
YAML
---
|
|
|
|
- name: Common | Install common packages
|
|
ansible.builtin.apt:
|
|
update_cache: true
|
|
name:
|
|
- molly-guard
|
|
- dnsutils
|
|
- sudo
|
|
- nano
|
|
- tree
|
|
- screen
|
|
- python3
|
|
- curl
|
|
- gnupg
|
|
- ca-certificates
|
|
- cloud-utils
|
|
- rsync
|
|
- htop
|
|
- unzip
|
|
|
|
- name: Common | Allow to sudo with ssh-key
|
|
ansible.builtin.copy:
|
|
src: sudoers
|
|
dest: /etc/sudoers
|
|
owner: root
|
|
group: root
|
|
mode: '0440'
|
|
|
|
- name: Common | Change sshd port
|
|
ansible.builtin.copy:
|
|
src: sshd_config
|
|
dest: /etc/ssh/sshd_config
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
|
|
- name: Common | Change hostname
|
|
ansible.builtin.template:
|
|
src: hostname.j2
|
|
dest: /etc/hostname
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
|
|
- name: Common | Restart sshd service
|
|
ansible.builtin.service:
|
|
name: sshd
|
|
state: restarted
|
|
|
|
- name: Common | Deploy users
|
|
ansible.builtin.user:
|
|
name: "{{ item }}"
|
|
shell: /bin/bash
|
|
groups: sudo
|
|
append: true
|
|
create_home: true
|
|
with_items: "{{ group_vars_ssh_users }}"
|
|
|
|
- name: Deploy SSHKeys for users
|
|
ansible.posix.authorized_key:
|
|
user: "{{ item }}"
|
|
state: present
|
|
key: "{{ lookup('file', 'ssh-keys/{{ item }}.pub') }}"
|
|
with_items: "{{ group_vars_ssh_users }}"
|