---
- name: Copy server MOTD
  template: src=files/motd dest=/etc/motd

- name: Install Yubico Authentication Module
  apt:
    name: libpam-yubico
    state: latest

- name: Configure PAM
  template: src=files/sshd dest=/etc/pam.d/sshd

- name: Add authusers file
  lineinfile:
    dest: /etc/authusers
    line: '{{ item }}'
  with_items:
    - 'user1'
    - 'user2'

- name: Add authorized_yubikeys file
  copy:
    src: files/authorized_yubikeys
    dest: /etc/ssh/

- name: Copy adduser.sh script
  copy:
    src: files/adduser.sh
    dest: /home/ansibleuser/

- name: Add custom /etc/hosts
  lineinfile:
    dest: /etc/hosts
    line: '{{ item }}'
  with_items:
    - '127.0.0.1 localhost'
    - '123.123.123.12 some.domain.com somewhere'
    - '12.12.12.12 other.domains.com somewhereelse'

- name: Add SSH Keys
  lineinfile:
    dest: /home/ansibleuser/.ssh/authorized_keys
    line: '{{ item }}'
  with_items:
    - 'ssh-rsa 1232346A+7654475n4x5y6GL657+V6mJ5Yp23s6I6o4+6N ansibleuser@host'

- name: Copy ssh configuration file
  template: src=files/sshd_config dest=/etc/ssh/sshd_config
  notify:
  - restart ssh