Kapisi/roles/ShadowArch/tasks/raspbian-network.yml

48 lines
1.0 KiB
YAML
Raw Permalink Normal View History

---
2022-01-25 23:54:43 -06:00
- name: Rasbian network packages
become: yes
package:
name:
- netbase
state: present
- name: Rasbian network config
become: yes
when: not static
copy:
src: raspbian-interfaces
dest: "/etc/network/interfaces"
owner: root
group: root
mode: 0644
- name: Rasbian network config (static)
2022-01-25 23:54:43 -06:00
become: yes
when: static
template:
src: raspbian-static.j2
dest: "/etc/network/interfaces"
owner: root
group: root
mode: 0644
- name: Raspbian wireless
become: yes
command:
cmd: /bin/bash -c "wpa_passphrase {{ wireless_ssid }} '{{ passwords['Shadowfeed'] }}' > /etc/wpa_supplicant.conf"
creates: '/etc/wpa_supplicant.conf'
- name: Raspbian wireless hardening
become: yes
file:
path: '/etc/wpa_supplicant.conf'
state: file
owner: root
group: root
mode: 0600
2023-11-30 02:47:16 -06:00
- name: Ensure keys
become: yes
command: /bin/bash -c 'chmod go-rwx /etc/ssh/*key'