summaryrefslogtreecommitdiffstats
path: root/roles/base/tasks
diff options
context:
space:
mode:
authorSacha Chua <sacha@sachachua.com>2022-10-16 18:11:09 -0400
committerSacha Chua <sacha@sachachua.com>2022-10-16 18:11:09 -0400
commit12c465a8f6e127a599b0477094552fc90c7e2ce0 (patch)
tree81abef4c2a2d0230ca403eed1133815f2e37a740 /roles/base/tasks
parent84ccb907a14bd8bd06afec7b5ac836fa7a0883f6 (diff)
parent54af5163644ef58a641e86288c7af8653970a319 (diff)
downloademacsconf-ansible-12c465a8f6e127a599b0477094552fc90c7e2ce0.tar.xz
emacsconf-ansible-12c465a8f6e127a599b0477094552fc90c7e2ce0.zip
Merge branch 'main' of git.emacsconf.org:pub/emacsconf-ansible into main
Diffstat (limited to 'roles/base/tasks')
-rw-r--r--roles/base/tasks/main.yml54
1 files changed, 54 insertions, 0 deletions
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
new file mode 100644
index 0000000..8d2280b
--- /dev/null
+++ b/roles/base/tasks/main.yml
@@ -0,0 +1,54 @@
+---
+# User & Group Creation
+- name: create groups
+ group:
+ name: "{{ item.value.group }}"
+ state: "{{ item.value.state }}"
+ loop: "{{ init_users | dict2items }}"
+
+- name: create users
+ user:
+ name: "{{ item.value.name }}"
+ group: "{{ item.value.group }}"
+ groups: "{{ item.value.groups }}"
+ create_home: "{{ item.value.create_home }}"
+ state: "{{ item.value.state }}"
+ shell: "{{ item.value.shell }}"
+ loop: "{{ init_users | dict2items }}"
+
+# SSH Initial Setup
+- name: create .ssh dirs
+ file:
+ path: "/home/{{ item.value.name }}/.ssh"
+ state: directory
+ mode: 0700
+ owner: "{{ item.value.name }}"
+ group: "{{ item.value.group }}"
+ loop: "{{ init_users | dict2items }}"
+
+
+- name: Copy keys to users
+ authorized_key:
+ user: "{{ item.value.name }}"
+ state: present
+ key: "{{ lookup('file', 'keys/{{ item.value.name }}') }}"
+ loop: "{{ init_users | dict2items }}"
+
+
+- name: Copy custom sshd_config
+ copy:
+ src: sshd_config
+ dest: "/etc/ssh/sshd_config.d/emacsconf_ssh.conf"
+ mode: 0644
+ owner: root
+ group: root
+
+# Sudoers
+- name: sudoers.d entries
+ copy:
+ src: "sudoers.d/"
+ dest: "/etc/sudoers.d/"
+ mode: 0440
+ owner: root
+ group: root
+ force: no