update playbooks tasks

Ruben Blanco 2023-10-18 09:09:20 +02:00
parent c47a74749b
commit 8c36bebe62
2 changed files with 19 additions and 4 deletions


@ -1,5 +1,6 @@
---
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# create user awx-user on debian os
- name: Create a ssh user awx-user in the system
user:
@ -9,31 +10,37 @@
groups: sudo
state: present
comment: ssh user
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# add ssh-key pub to user awx-user
- name: Adding ssh-pub-key to user awx-user
authorized_key:
user: awx-user
key: "{{ key_to_add }}"
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# install sudo package
- name: Install sudo package
apt:
name: sudo
state: present
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# add awx-user to sudoers
- name: Add awx-user to sudoers
file:
path: /etc/sudoers.d/awx-user
state: touch
mode: u=rw,g=r,o=r
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# add a line to /etc/sudoers.d/awx-user file
- name: add a line to /etc/sudoers.d/awx-user file
lineinfile:
path: /etc/sudoers.d/awx-user
line: awx-user ALL=(ALL) NOPASSWD:ALL
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
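Review bot: The sudoers drop-in `/etc/sudoers.d/awx-user` is created with `mode: u=rw,g=r,o=r` and then edited by `lineinfile` with no syntax check, so a malformed line can break sudo on the host. I would set `mode: '0440'` with `owner: root` and `group: root`, and add `validate: /usr/sbin/visudo -cf %s` to the `lineinfile` task. Adding `create: true` there would also make the `state: touch` task unnecessary, which otherwise reports changed on every run. `awx-user ALL=(ALL) NOPASSWD:ALL` gives the key-authenticated account unrestricted root, so it is worth checking whether a narrower command list would do. The +/- markers are lost on this page, so these lines may be unchanged context rather than part of this commit.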


@ -1,5 +1,6 @@
---
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# delete default user , only on VM
- name: delete default user , only on VM
user:
@ -8,13 +9,17 @@
remove: yes
tags:
- delete-user
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# change root password
- name: change root password
user:
name: root
password: "{{ ssh_password | password_hash('sha512') }}"
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# config sshd_config file , no root password
- name: change sshd_config to no root password
copy:
@ -24,10 +29,13 @@
owner: root
group: root
mode: '0644'
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# delete file sshd_config.orig
- name: delete /etc/ssh/sshd_config.orig file
file:
path: /etc/ssh/sshd_config.orig
state: absent
notify: Restart ssh service
notify: Restart ssh service
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
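Review bot: The `change root password` task calls `password_hash('sha512')` without a salt, so each run generates a new hash, rewrites root's shadow entry and reports changed. Passing a stable per-host salt as the second argument to the filter makes the task idempotent. Where `ssh_password` comes from is not visible here; it should be supplied from Ansible Vault or an AWX credential rather than plain vars, and `no_log: true` on the task keeps it out of stored job output. Separately, `notify: Restart ssh service` appears twice at the end of the section. With the +/- markers lost that may only be the old and new line, but if both are on the new side it is a duplicate key and one should be dropped.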