87 lines
1.8 KiB
YAML
87 lines
1.8 KiB
YAML
---
|
|
|
|
- name: '[SSH] - Create local dir'
|
|
file:
|
|
path: /root/.ssh
|
|
state: directory
|
|
mode: 0640
|
|
tags: ssh
|
|
|
|
- name: '[SSH] - Create authorized keys dir'
|
|
file:
|
|
path: /etc/ssh/authorized_keys
|
|
state: directory
|
|
tags: ssh
|
|
|
|
- name: '[SSH] - Deploy configuration'
|
|
template:
|
|
src: ssh/sshd_config.j2
|
|
dest: /etc/ssh/sshd_config
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: restart ssh
|
|
tags: ssh
|
|
|
|
- name: '[SSH] - Deploy git poller ssh key' # Shouldn't this be removed?
|
|
copy:
|
|
src: '{{ base_ssh_poller_key }}'
|
|
dest: /root/.ssh/bs_git-key
|
|
owner: root
|
|
group: root
|
|
mode: 0600
|
|
when: base_ssh_poller_key is defined
|
|
tags: ssh
|
|
|
|
- name: '[SSH] - Manage authorized keys'
|
|
template:
|
|
src: ssh/authorized_keys.j2
|
|
dest: "/etc/ssh/authorized_keys/{{ item.user }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
with_items: "{{ base_ssh_authkey }}"
|
|
notify: restart ssh
|
|
tags: ssh
|
|
|
|
- name: '[SSH] - Setup ssh config'
|
|
template:
|
|
src: ssh/config.j2
|
|
dest: "{{ item.config_path }}"
|
|
with_items: "{{ base_ssh_user_config }}"
|
|
when: "base_ssh_user_config is defined"
|
|
notify: restart ssh
|
|
tags: ssh
|
|
|
|
- name: '[SSH] - Deploy secret keys'
|
|
copy:
|
|
src: '{{ item.privkey_path }}{{ item.name }}'
|
|
dest: /root/.ssh/{{ item.name }}
|
|
owner: root
|
|
group: root
|
|
mode: 0600
|
|
loop: '{{ base_ssh_secretkeys }}'
|
|
when: 'base_ssh_secretkeys is defined'
|
|
tags: ssh
|
|
|
|
- name: '[SSH] - Deploy pub keys'
|
|
copy:
|
|
src: '{{ item.privkey_path }}{{ item.name }}.pub'
|
|
dest: /root/.ssh/{{ item.name }}.pub
|
|
owner: root
|
|
group: root
|
|
mode: 0600
|
|
loop: '{{ base_ssh_secretkeys }}'
|
|
when: 'base_ssh_secretkeys is defined'
|
|
tags: ssh
|
|
|
|
- name: '[SSH] - Deploy known_hosts'
|
|
template:
|
|
src: ssh/known_hosts.j2
|
|
dest: /root/.ssh/known_hosts
|
|
owner: root
|
|
group: root
|
|
mode: 0600
|
|
tags: ssh
|
|
|