From 8c36bebe62ef69f68e50cfcb5e74cc1c1a9ba7c1 Mon Sep 17 00:00:00 2001 From: rubenb Date: Wed, 18 Oct 2023 09:09:20 +0200 Subject: [PATCH] update playbooks tasks --- .../roles/config-awx-user/tasks/main.yaml | 13 ++++++++++--- .../roles/config-root-user/tasks/main.yaml | 10 +++++++++- 2 files changed, 19 insertions(+), 4 deletions(-) diff --git a/linux/base-config-debian/roles/config-awx-user/tasks/main.yaml b/linux/base-config-debian/roles/config-awx-user/tasks/main.yaml index aecf7bc..5812a8f 100644 --- a/linux/base-config-debian/roles/config-awx-user/tasks/main.yaml +++ b/linux/base-config-debian/roles/config-awx-user/tasks/main.yaml @@ -1,5 +1,6 @@ --- +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # create user awx-user on debian os - name: Create a ssh user awx-user in the system user: @@ -9,31 +10,37 @@ groups: sudo state: present comment: ssh user +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # add ssh-key pub to user awx-user - name: Adding ssh-pub-key to user awx-user authorized_key: user: awx-user key: "{{ key_to_add }}" +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # install sudo package - name: Install sudo package apt: name: sudo state: present +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # add awx-user to sudoers - name: Add awx-user to sudoers file: path: /etc/sudoers.d/awx-user state: touch mode: u=rw,g=r,o=r +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # add a line to /etc/sudoers.d/awx-user file - name: add a line to /etc/sudoers.d/awx-user file lineinfile: path: /etc/sudoers.d/awx-user line: awx-user ALL=(ALL) NOPASSWD:ALL - - +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ \ No newline at end of file diff --git a/linux/base-config-debian/roles/config-root-user/tasks/main.yaml b/linux/base-config-debian/roles/config-root-user/tasks/main.yaml index 8231236..5ca6099 100644 --- a/linux/base-config-debian/roles/config-root-user/tasks/main.yaml +++ b/linux/base-config-debian/roles/config-root-user/tasks/main.yaml @@ -1,5 +1,6 @@ --- +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # delete default user , only on VM - name: delete default user , only on VM user: @@ -8,13 +9,17 @@ remove: yes tags: - delete-user +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # change root password - name: change root password user: name: root password: "{{ ssh_password | password_hash('sha512') }}" +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # config sshd_config file , no root password - name: change sshd_config to no root password copy: @@ -24,10 +29,13 @@ owner: root group: root mode: '0644' +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # delete file sshd_config.orig - name: delete /etc/ssh/sshd_config.orig file file: path: /etc/ssh/sshd_config.orig state: absent - notify: Restart ssh service \ No newline at end of file + notify: Restart ssh service +#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ \ No newline at end of file