--- - name: Copy server MOTD template: src=files/motd dest=/etc/motd - name: Install Yubico Authentication Module apt: name: libpam-yubico state: latest - name: Configure PAM template: src=files/sshd dest=/etc/pam.d/sshd - name: Add authusers file lineinfile: dest: /etc/authusers line: '{{ item }}' with_items: - 'user1' - 'user2' - name: Add authorized_yubikeys file copy: src: files/authorized_yubikeys dest: /etc/ssh/ - name: Copy adduser.sh script copy: src: files/adduser.sh dest: /home/ansibleuser/ - name: Add custom /etc/hosts lineinfile: dest: /etc/hosts line: '{{ item }}' with_items: - '127.0.0.1 localhost' - '123.123.123.12 some.domain.com somewhere' - '12.12.12.12 other.domains.com somewhereelse' - name: Add SSH Keys lineinfile: dest: /home/ansibleuser/.ssh/authorized_keys line: '{{ item }}' with_items: - 'ssh-rsa 1232346A+7654475n4x5y6GL657+V6mJ5Yp23s6I6o4+6N ansibleuser@host' - name: Copy ssh configuration file template: src=files/sshd_config dest=/etc/ssh/sshd_config notify: - restart ssh