diff options
Diffstat (limited to 'roles/setup_security/tasks')
-rw-r--r-- | roles/setup_security/tasks/main.yml | 65 |
1 files changed, 0 insertions, 65 deletions
diff --git a/roles/setup_security/tasks/main.yml b/roles/setup_security/tasks/main.yml deleted file mode 100644 index 36844c3..0000000 --- a/roles/setup_security/tasks/main.yml +++ /dev/null @@ -1,65 +0,0 @@ - -# =========================================================================== # -# __ _ __ -# _________ / /__ ________ _______ _______(_) /___ __ -# / ___/ __ \/ / _ \ / ___/ _ \/ ___/ / / / ___/ / __/ / / / -# / / / /_/ / / __/ (__ ) __/ /__/ /_/ / / / / /_/ /_/ / -# /_/ \____/_/\___(_) /____/\___/\___/\__,_/_/ /_/\__/\__, / -# /____/ -# -# =========================================================================== # - ---- -- name: Remove default user pi - user: - name: pi - state: absent - remove: yes - -- name: Remove default group pi - group: - name: pi - state: absent - -- name: Apply syspatch for system type = {{ ansible_distribution }} - syspatch: - apply: true - when: inventory_hostname in groups["openbsd"] - -- name: Add puffy account for system type = {{ ansible_distribution }} - user: - name: puffy - group: wheel - when: inventory_hostname in groups["openbsd"] - -- name: Copy doas.conf to /etc/doas.conf for system type = {{ ansible_distribution }} - copy: - src: "{{ role_path }}/files/doas.conf" - dest: "/etc/doas.conf" - -- name: Copy ssh key for puffy account - authorized_key: - user: puffy - state: present - key: "{{ item }}" - with_file: - - "{{ playbook_dir }}/files/pub_ssh/rgoncalves.pub.ssh" - -- name: Copy ssh key for root account - authorized_key: - user: root - state: present - key: "{{ item }}" - with_file: - - "{{ playbook_dir }}/files/pub_ssh/rgoncalves.pub.ssh" - -- name: Disable password login in sshd_config - lineinfile: - path: /etc/ssh/sshd_config - regexp: "PasswordAuthentication" - line: "PasswordAuthentication no" - -- name: Restart sshd daemon - service: - name: sshd - state: restarted |