AniNIX/Kapisi
3
0
Fork 0
Code Issues 27 Pull Requests Projects 1 Releases Wiki Activity

Whitespace cleanup to get in sync with AniNIX/Uniglot hooks

Browse Source
This commit is contained in:
DarkFeather
2022-11-20 20:03:01 -06:00
parent a43cb4b6bb
commit a34c96df6b
96 changed files with 713 additions and 400 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
roles/SSH/tasks/main.yml
View File

@@ -1,30 +1,28 @@
---
- name: SSH
- name: SSH (ArchLinux)
become: yes
when: ansible_os_family == "Archlinux"
package:
state: present
name:
- bash
- sudo
- openssh
- name: SSH Config
- name: SSH (Raspbian)
become: yes
copy:
src: ssh_config
dest: /etc/ssh/ssh_config
- name: SSHD Config
become: yes
copy:
src: sshd_config
dest: /etc/ssh/sshd_config
when: ansible_os_family == "Debian"
package:
state: present
name:
- openssh-server
- openssh-client
- name: Mark SSH keys as immutable
become: yes
file:
path: "{{ item }}"
path: "{{ item }}"
attributes: i
loop:
loop:
- /etc/ssh/ssh_host_ed25519_key
- /etc/ssh/ssh_host_ed25519_key.pub
- /etc/ssh/ssh_host_rsa_key
@@ -32,17 +30,52 @@
- name: Add SSH control groups
become: yes
group:
group:
name: "{{ item }}"
state: present
loop:
loop:
- ssh-allow
- ssh-forward
- sftp-home-jail
- name: Add SSH user to ssh-allow
become: yes
user:
user:
name: "{{ ansible_user_id }}"
groups: ssh-allow
append: yes
- name: Copy the SSH key
authorized_key:
user: "{{ ansible_user_id }}"
state: present
key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/deploy.pub') }}"
- name: SSH Config
become: yes
copy:
src: ssh_config
dest: /etc/ssh/ssh_config
- name: SSHD Config
become: yes
register: sshd_config
copy:
src: sshd_config
dest: /etc/ssh/sshd_config
- name: Restart SSHD (ArchLinux)
become: yes
when: ansible_os_family == "Archlinux" and sshd_config.changed
service:
name: sshd
state: restarted
enabled: yes
- name: Restart SSHD (Raspbian)
become: yes
when: ansible_os_family == "Debian" and sshd_config.changed
service:
name: ssh
state: restarted
enabled: yes