Refs #8013: Playbook Claves ssh - authorized_keys2 added with users list. Split ssh task, generate keys & configure.
parent
e17c76fb8d
commit
fba0ddd348
|
@ -6,8 +6,8 @@
|
||||||
tags: resolv
|
tags: resolv
|
||||||
- import_tasks: timesync.yml
|
- import_tasks: timesync.yml
|
||||||
tags: timesync
|
tags: timesync
|
||||||
- import_tasks: ssh.yml
|
- import_tasks: sshd_configure.yml
|
||||||
tags: ssh
|
tags: sshd_configure
|
||||||
- import_tasks: defuser.yml
|
- import_tasks: defuser.yml
|
||||||
tags: defuser
|
tags: defuser
|
||||||
- import_tasks: install.yml
|
- import_tasks: install.yml
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
- name: Configure sshd_config settings
|
||||||
|
copy:
|
||||||
|
dest: /etc/ssh/sshd_config.d/vn-listenipv4.conf
|
||||||
|
content: |
|
||||||
|
# Do not edit this file! Ansible will overwrite it.
|
||||||
|
ListenAddress 0.0.0.0
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rw,g=r,o=r
|
||||||
|
notify: restart sshd
|
||||||
|
- name: Deploy custom authorized_keys for root
|
||||||
|
copy:
|
||||||
|
dest: /root/.ssh/authorized_keys2
|
||||||
|
content: "{{ public_keys }}"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rw,g=,o=
|
|
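Review bot: The "Deploy custom authorized_keys for root" task manages only `/root/.ssh/authorized_keys2` and leaves `/root/.ssh/authorized_keys` untouched, so removing a key from `public_keys` revokes root access only if that key is not also in the unmanaged file. A comment above the task should say which file is authoritative, e.g. `# authorized_keys2 is Ansible-managed; authorized_keys is left for host-local keys`. sshd reads `authorized_keys2` only when `AuthorizedKeysFile` includes it, which depends on the distribution's defaults, and nothing visible here pins that setting. The `copy` also assumes `/root/.ssh` already exists, so a preceding `file:` task with `state: directory` and `mode: u=rwx,g=,o=` would make that explicit. The commit title mentions a users list: if `public_keys` is a list rather than a single string (not visible from here), the content presumably needs `"{{ public_keys | join('\n') }}"`.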
@ -2,3 +2,7 @@
|
||||||
service:
|
service:
|
||||||
name: nslcd
|
name: nslcd
|
||||||
state: restarted
|
state: restarted
|
||||||
|
- name: restart-ssh
|
||||||
|
systemd:
|
||||||
|
name: ssh
|
||||||
|
state: restarted
|
||||||
|
|
|
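Review bot: No task visible in this commit notifies the new `restart-ssh` handler; the sshd drop-in task in the new sshd_configure file uses `notify: restart sshd`, which is a different name. Ansible matches handler names literally, so either that task depends on a `restart sshd` handler defined elsewhere and this one is unused, or the `ListenAddress` change is written without sshd being restarted to apply it. Aligning the two, for example `notify: restart-ssh` on the task, would make the relationship explicit. The handler's first lines sit outside this hunk, and `name: ssh` is the Debian-style unit name, so this presumably targets Debian-family hosts only.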
@ -2,3 +2,5 @@
|
||||||
tags: auth
|
tags: auth
|
||||||
- import_tasks: sudoers.yml
|
- import_tasks: sudoers.yml
|
||||||
tags: sudoers
|
tags: sudoers
|
||||||
|
- import_tasks: ssh_keys.yml
|
||||||
|
tags: ssh_keys
|
|
@ -18,14 +18,4 @@
|
||||||
path: /etc/vn.ini
|
path: /etc/vn.ini
|
||||||
section: witness
|
section: witness
|
||||||
option: ssh_keys_generated
|
option: ssh_keys_generated
|
||||||
value: true
|
value: true
|
||||||
- name: Configure sshd_config settings
|
|
||||||
copy:
|
|
||||||
dest: /etc/ssh/sshd_config.d/vn-listenipv4.conf
|
|
||||||
content: |
|
|
||||||
# Do not edit this file! Ansible will overwrite it.
|
|
||||||
ListenAddress 0.0.0.0
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: u=rw,g=r,o=r
|
|
||||||
notify: restart sshd
|
|