aboutsummaryrefslogtreecommitdiffstats
path: root/roles/setup_security/tasks/main.yml
diff options
context:
space:
mode:
authorbinary <me@rgoncalves.se>2020-11-12 14:29:49 +0100
committerbinary <me@rgoncalves.se>2020-11-12 14:29:49 +0100
commitb419094cda74405eb4cbb8b7031b53cd2f347566 (patch)
treee3e6de54517612ebc96a6d3804848637562103a4 /roles/setup_security/tasks/main.yml
parent9007e995ed14f92af8fe57fbe9ced0047d2a5634 (diff)
downloadinfrastructure-b419094cda74405eb4cbb8b7031b53cd2f347566.tar.gz
Refactor and cleanup old roles
Diffstat (limited to 'roles/setup_security/tasks/main.yml')
-rw-r--r--roles/setup_security/tasks/main.yml65
1 files changed, 0 insertions, 65 deletions
diff --git a/roles/setup_security/tasks/main.yml b/roles/setup_security/tasks/main.yml
deleted file mode 100644
index 36844c3..0000000
--- a/roles/setup_security/tasks/main.yml
+++ /dev/null
@@ -1,65 +0,0 @@
-
-# =========================================================================== #
-# __ _ __
-# _________ / /__ ________ _______ _______(_) /___ __
-# / ___/ __ \/ / _ \ / ___/ _ \/ ___/ / / / ___/ / __/ / / /
-# / / / /_/ / / __/ (__ ) __/ /__/ /_/ / / / / /_/ /_/ /
-# /_/ \____/_/\___(_) /____/\___/\___/\__,_/_/ /_/\__/\__, /
-# /____/
-#
-# =========================================================================== #
-
----
-- name: Remove default user pi
- user:
- name: pi
- state: absent
- remove: yes
-
-- name: Remove default group pi
- group:
- name: pi
- state: absent
-
-- name: Apply syspatch for system type = {{ ansible_distribution }}
- syspatch:
- apply: true
- when: inventory_hostname in groups["openbsd"]
-
-- name: Add puffy account for system type = {{ ansible_distribution }}
- user:
- name: puffy
- group: wheel
- when: inventory_hostname in groups["openbsd"]
-
-- name: Copy doas.conf to /etc/doas.conf for system type = {{ ansible_distribution }}
- copy:
- src: "{{ role_path }}/files/doas.conf"
- dest: "/etc/doas.conf"
-
-- name: Copy ssh key for puffy account
- authorized_key:
- user: puffy
- state: present
- key: "{{ item }}"
- with_file:
- - "{{ playbook_dir }}/files/pub_ssh/rgoncalves.pub.ssh"
-
-- name: Copy ssh key for root account
- authorized_key:
- user: root
- state: present
- key: "{{ item }}"
- with_file:
- - "{{ playbook_dir }}/files/pub_ssh/rgoncalves.pub.ssh"
-
-- name: Disable password login in sshd_config
- lineinfile:
- path: /etc/ssh/sshd_config
- regexp: "PasswordAuthentication"
- line: "PasswordAuthentication no"
-
-- name: Restart sshd daemon
- service:
- name: sshd
- state: restarted
remember that computers suck.