-
Notifications
You must be signed in to change notification settings - Fork 0
/
setup-common.yml
38 lines (36 loc) · 1.01 KB
/
setup-common.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
---
- name: Apply standard config
hosts: "{{ limit_hosts | default('all')}}"
become: true
tags: common-config
tasks:
- name: Create group {{ primary_group }}
group:
name: "{{ primary_group }}"
gid: "{{ primary_user_guid }}"
state: present
tags: create-user
- name: Create user {{ primary_user }}
user:
name: "{{ primary_user }}"
password: "{{ primary_user_pass_encoded }}"
group: "{{ primary_group }}"
uid: "{{ primary_user_puid }}"
shell: "/bin/bash"
state: present
tags: create-user
- hosts: "{{ limit_hosts | default('all')}}"
become: true
tags: common-config
roles:
- name: common/debian-sudo
- name: common/add-ssh-keys
become: true
tags: ssh
- name: devsec.hardening.ssh_hardening
vars:
ssh_allow_tcp_forwarding: "yes"
#ssh_server_password_login: true
#sshd_authenticationmethods: publickey password
tags: ssh
- name: common/update-all-packages