vn-ansible/linux/base-config-debian/roles/config-root-user/tasks/main.yaml

---

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# delete default user , only on VM
- name: delete default user , only on VM
  user:
    name: "{{ name_user }}"
    state: absent
    remove: yes
  tags:
  - delete-user
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# change root password
- name: change root password
  user:
    name: root
    password: "{{ ssh_password | password_hash('sha512') }}"
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# config sshd_config file , no root password
- name: change sshd_config to no root password
  copy:
    src: /etc/ssh/sshd_config.orig
    dest: /etc/ssh/sshd_config
    remote_src: yes
    owner: root
    group: root
    mode: '0644'
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# delete file sshd_config.orig
- name: delete /etc/ssh/sshd_config.orig file
  file:
    path: /etc/ssh/sshd_config.orig
    state: absent
  notify: Restart ssh service
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
hardnening-root playbook 2023-10-13 07:08:54 +00:00			`---`

update playbooks tasks 2023-10-18 07:09:20 +00:00			`#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++`
hardnening-root playbook 2023-10-13 07:08:54 +00:00			`# delete default user , only on VM`
			`- name: delete default user , only on VM`
			`user:`
			`name: "{{ name_user }}"`
			`state: absent`
			`remove: yes`
			`tags:`
			`- delete-user`
update playbooks tasks 2023-10-18 07:09:20 +00:00			`#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++`
hardnening-root playbook 2023-10-13 07:08:54 +00:00
update playbooks tasks 2023-10-18 07:09:20 +00:00			`#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++`
hardnening-root playbook 2023-10-13 07:08:54 +00:00			`# change root password`
			`- name: change root password`
			`user:`
			`name: root`
			`password: "{{ ssh_password \| password_hash('sha512') }}"`
update playbooks tasks 2023-10-18 07:09:20 +00:00			`#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++`
hardnening-root playbook 2023-10-13 07:08:54 +00:00
update playbooks tasks 2023-10-18 07:09:20 +00:00			`#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++`
hardnening-root playbook 2023-10-13 07:08:54 +00:00			`# config sshd_config file , no root password`
			`- name: change sshd_config to no root password`
			`copy:`
			`src: /etc/ssh/sshd_config.orig`
			`dest: /etc/ssh/sshd_config`
add remote_src to copy module 2023-10-13 08:05:38 +00:00			`remote_src: yes`
hardnening-root playbook 2023-10-13 07:08:54 +00:00			`owner: root`
			`group: root`
			`mode: '0644'`
update playbooks tasks 2023-10-18 07:09:20 +00:00			`#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++`
hardnening-root playbook 2023-10-13 07:08:54 +00:00
update playbooks tasks 2023-10-18 07:09:20 +00:00			`#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++`
hardnening-root playbook 2023-10-13 07:08:54 +00:00			`# delete file sshd_config.orig`
			`- name: delete /etc/ssh/sshd_config.orig file`
			`file:`
			`path: /etc/ssh/sshd_config.orig`
			`state: absent`
update playbooks tasks 2023-10-18 07:09:20 +00:00			`notify: Restart ssh service`
			`#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++`