klips/ansible/roles/core/tasks/configure-ssh.yml

52 lines
1.1 KiB
YAML
Raw Normal View History

2019-08-29 09:35:19 +00:00
---
- name: Copy server MOTD
template: src=files/motd dest=/etc/motd
2020-11-23 23:03:37 +00:00
- name: Install Yubico Authentication Module
apt:
name: libpam-yubico
state: latest
2019-08-29 09:35:19 +00:00
- name: Configure PAM
template: src=files/sshd dest=/etc/pam.d/sshd
- name: Add authusers file
2020-11-25 11:38:20 +00:00
lineinfile:
dest: /etc/authusers
line: '{{ item }}'
with_items:
- 'user1'
- 'user2'
2019-08-29 09:35:19 +00:00
- name: Add authorized_yubikeys file
copy:
2020-11-25 11:38:20 +00:00
src: files/authorized_yubikeys
dest: /etc/ssh/
- name: Copy adduser.sh script
copy:
src: files/adduser.sh
dest: /home/ansibleuser/
2019-08-29 09:35:19 +00:00
- name: Add custom /etc/hosts
lineinfile:
dest: /etc/hosts
line: '{{ item }}'
with_items:
- '127.0.0.1 localhost'
2020-11-25 11:38:20 +00:00
- '123.123.123.12 some.domain.com somewhere'
- '12.12.12.12 other.domains.com somewhereelse'
- name: Add SSH Keys
lineinfile:
2020-11-25 11:38:20 +00:00
dest: /home/ansibleuser/.ssh/authorized_keys
line: '{{ item }}'
with_items:
2020-11-25 11:38:20 +00:00
- 'ssh-rsa 1232346A+7654475n4x5y6GL657+V6mJ5Yp23s6I6o4+6N ansibleuser@host'
2019-08-29 09:35:19 +00:00
- name: Copy ssh configuration file
template: src=files/sshd_config dest=/etc/ssh/sshd_config
notify:
- restart ssh