2023-10-13 07:08:54 +00:00
|
|
|
---
|
|
|
|
|
2023-10-18 07:09:20 +00:00
|
|
|
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
2023-10-13 07:08:54 +00:00
|
|
|
# delete default user , only on VM
|
|
|
|
- name: delete default user , only on VM
|
|
|
|
user:
|
|
|
|
name: "{{ name_user }}"
|
|
|
|
state: absent
|
|
|
|
remove: yes
|
|
|
|
tags:
|
|
|
|
- delete-user
|
2023-10-18 07:09:20 +00:00
|
|
|
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
2023-10-13 07:08:54 +00:00
|
|
|
|
2023-10-18 07:09:20 +00:00
|
|
|
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
2023-10-13 07:08:54 +00:00
|
|
|
# change root password
|
|
|
|
- name: change root password
|
|
|
|
user:
|
|
|
|
name: root
|
|
|
|
password: "{{ ssh_password | password_hash('sha512') }}"
|
2023-10-18 07:09:20 +00:00
|
|
|
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
2023-10-13 07:08:54 +00:00
|
|
|
|
2023-10-18 07:09:20 +00:00
|
|
|
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
2023-10-13 07:08:54 +00:00
|
|
|
# config sshd_config file , no root password
|
|
|
|
- name: change sshd_config to no root password
|
2023-10-18 08:58:22 +00:00
|
|
|
lineinfile:
|
|
|
|
path: "{{ path_sshd_config_file }}"
|
|
|
|
regexp: "PermitRootLogin yes"
|
|
|
|
line: "#PermitRootLogin prohibit-password"
|
|
|
|
state: present
|
2023-10-18 08:58:33 +00:00
|
|
|
notify: Restart ssh service
|
2023-10-18 08:58:22 +00:00
|
|
|
#- name: change sshd_config to no root password
|
|
|
|
# copy:
|
|
|
|
# src: "{{ source_path_ssh }}"
|
|
|
|
# dest: "{{ dest_path_ssh }}"
|
|
|
|
# remote_src: yes
|
|
|
|
# owner: root
|
|
|
|
# group: root
|
|
|
|
# mode: '0644'
|
2023-10-13 07:08:54 +00:00
|
|
|
# delete file sshd_config.orig
|
2023-10-18 08:58:22 +00:00
|
|
|
#- name: delete /etc/ssh/sshd_config.orig file
|
|
|
|
# file:
|
|
|
|
# path: "{{ source_path_ssh }}"
|
|
|
|
# state: absent
|
|
|
|
# notify: Restart ssh service
|
2023-10-18 08:24:24 +00:00
|
|
|
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
|
|
|
|
|
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
|
# changes .BASHRC file of root user
|
|
|
|
# step1 - uncomment lines
|
|
|
|
- name: uncomment this lines
|
|
|
|
lineinfile:
|
|
|
|
dest: "{{ path_bashrc_root }}"
|
|
|
|
regexp: "{{item.regexp}}"
|
|
|
|
line: "{{item.line}}"
|
|
|
|
state: present
|
|
|
|
with_items:
|
|
|
|
- regexp: "^# export LS_OPTIONS"
|
|
|
|
line: "export LS_OPTIONS='--color=auto'"
|
|
|
|
- regexp: "^# eval "$(dircolors)""
|
|
|
|
line: "eval "$(dircolors)""
|
|
|
|
- regexp: "^# alias ls='ls $LS_OPTIONS'"
|
|
|
|
line: "alias ls='ls $LS_OPTIONS'"
|
|
|
|
- regexp: "^# alias ll='ls $LS_OPTIONS -l'"
|
|
|
|
line: "alias ll='ls $LS_OPTIONS -l'"
|
|
|
|
- regexp: "# alias l='ls $LS_OPTIONS -lA'"
|
|
|
|
line: "alias l='ls $LS_OPTIONS -lA'"
|
|
|
|
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
|
# step2 - add block lines
|
|
|
|
- name: add block lines
|
|
|
|
blockinfile:
|
|
|
|
path: "{{ path_bashrc_root }}"
|
|
|
|
block: |
|
|
|
|
### 4Loooong memories
|
|
|
|
HISTSIZE=10000
|
|
|
|
HISTFILESIZE=20000
|
|
|
|
### 4security
|
|
|
|
TMOUT=3600
|
|
|
|
### write auto label
|
|
|
|
# If this is an xterm set the title to user@host:dir
|
|
|
|
case "$TERM" in
|
|
|
|
xterm*|rxvt*)
|
|
|
|
PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
source /etc/profile.d/bash_completion.sh
|
|
|
|
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|