summaryrefslogtreecommitdiffstats
path: root/roles/base/files
diff options
context:
space:
mode:
Diffstat (limited to 'roles/base/files')
-rw-r--r--roles/base/files/keys/bandali1
-rw-r--r--roles/base/files/keys/cairn1
-rw-r--r--roles/base/files/keys/dragestil1
-rw-r--r--roles/base/files/keys/opal2
-rw-r--r--roles/base/files/keys/sachac2
-rw-r--r--roles/base/files/keys/zaeph1
-rw-r--r--roles/base/files/sshd_config16
-rw-r--r--roles/base/files/sudoers.d/10_ansible1
-rw-r--r--roles/base/files/sudoers.d/20_admin1
-rw-r--r--roles/base/files/sudoers.d/30_org_admin3
10 files changed, 29 insertions, 0 deletions
diff --git a/roles/base/files/keys/bandali b/roles/base/files/keys/bandali
new file mode 100644
index 0000000..e50d913
--- /dev/null
+++ b/roles/base/files/keys/bandali
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA0St/clKIWYQMvrVwxs2f3bKapNnu6DmsRxitFfsGMN bandali@gnu.org
diff --git a/roles/base/files/keys/cairn b/roles/base/files/keys/cairn
new file mode 100644
index 0000000..6bd04bd
--- /dev/null
+++ b/roles/base/files/keys/cairn
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDK7g0qqt0yIKwozCc+ogKiTzK5iwA3nXFHnlvhJfiEZUKiCcl9PN0O+50h8+rFrva27NxE8OEhCPCV9Ug+K8+Z4ikVbIYEBbgF4+GOtW6R7Ktota2Y+6c5DZfoq2vFNOI5cL1OkQUrQhVa+fIjb9zh2L9YgJIsBv/850HlYLS4DPMqyWo7SsMNFA2BIm/rL/U/fqjr4IJ/uxGa3cwM6zixqfozQShxULvz6BxVpe+yPp0yj+mau9DJEs18ZNoeC4vqzXq73hsth2RisXq389foWNRKrAMzcajw8EW7MRd4srRnlr6APt2ZH/vQ6EcTBNyWqEv2KJ4KVZLgg0QHyQBb cairn@starfighter
diff --git a/roles/base/files/keys/dragestil b/roles/base/files/keys/dragestil
new file mode 100644
index 0000000..5bc093f
--- /dev/null
+++ b/roles/base/files/keys/dragestil
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBvPOtgcm5ptn8l+/YLAJEqVeT801btqFOf9gE9BLGDh yuchen@melb
diff --git a/roles/base/files/keys/opal b/roles/base/files/keys/opal
new file mode 100644
index 0000000..eeb5e3c
--- /dev/null
+++ b/roles/base/files/keys/opal
@@ -0,0 +1,2 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQChD6zcTYv5hpl9YRSetz1uQzQfOkzOQZNna0Mvzqt5mzptdthe6ZNHKchto5tpby5iVxwGTPiHcWs0VlnnDG/VX/a5p28qs2595MZizv6McqInr1kLj3w+gbJpPRqaL0GGtlCZhIYyv1MRFhkemdSzLAo4/Noj7z3b+z6tsnsIr/qJvpoUt0tdsrgMlHOHkqZsnQICNah+ugQAOQzCkZCW7E3hSMtal412eNIaX8TiB686N2VigMOOUxg6NNbo/dRFq5IMA48hBNJpzeS4zz1gMXv6hSCRPcBJ5aFt+O6T7VOXdTAlC88+zu6c554kacyhVB/4tWGmnf1ZaK4kD8Un ry@nocry
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGTI8v3jrhi/HS9RIudSrVg7WFBcvCiRj90q3Qa8HuwbbrHAkVSrhrpJKVTYMt2tBGdcM9QgU/dy5F0o07Vb23COQG/sqr/ImX8wSnjIvjW/yDHaKtEcy3sbvtqqRXiI8R8wfMctCPjUnl7OhaDPMWDy8sAefApCs1W5InafT6TYkooCg== ry@apollyon
diff --git a/roles/base/files/keys/sachac b/roles/base/files/keys/sachac
new file mode 100644
index 0000000..999b59c
--- /dev/null
+++ b/roles/base/files/keys/sachac
@@ -0,0 +1,2 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDK0Vg112xS0SAuCutincht2LWs+2jC8EWC19Irotv8M0ztzLf6wmXEw0xoB8D78LKzXGC/gFcIvYzsNezHFpU5PmlxYBRJkdOYH2zYfnlWQFpJKmk1OelTrugaRE4HywXurf6q6Sot5hzbzPmCWgOlBZshnkDXMAyPCfYvL+RcwTRJWiaiGwwDHlfHCkebr4cwypRQ7Nl2kKajdp4wZXwbuP64pPNMmftZEMEM910w3zPnzQTil4IuLSiVC8K7TSk6xsnrsk10Y6zfoaHkZ71OD58rqPPFqeHYDj8SAvp6W4hHwakbf+r8nfRfr8Tc+gtCf0B6a4Y050OI5FxHlmjh
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyMf4V8eCzYNEde8xG4tIJPBv8NwoTzyRG9O5+Bl69osaHV7OZQz81wXil1qZ/xrUu6fc5jMkxq7j5KCCs2MF6gMq12UKe9ESKYe5i+jFL7+V6JNQqcjLcyaEfEFtFCJ95nWCQWpXrMPijvpB3+YxLspFOTz8ZJsGENXU+Rkz5EIdx2VTgHUbddCjE5jndIO58uPKmR4EpMeUWxb20xYLpOwM14aGF/ERVjI++dIwu7mc21kxg42HJjRA/NRV48IxrGl57KKzl7qtMrqwp+ucoLWw4PdqHk4/tApjmrgLiJzLpSZx/4LL3mHTg3I6w9fC5yTgk3k6rJFomb2Jbboxx
diff --git a/roles/base/files/keys/zaeph b/roles/base/files/keys/zaeph
new file mode 100644
index 0000000..33d3fa4
--- /dev/null
+++ b/roles/base/files/keys/zaeph
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJxla020OSOgCfbCekmMMEFNmuUicibIo7eotqONcJDB
diff --git a/roles/base/files/sshd_config b/roles/base/files/sshd_config
new file mode 100644
index 0000000..0060c33
--- /dev/null
+++ b/roles/base/files/sshd_config
@@ -0,0 +1,16 @@
+Include /etc/ssh/sshd_config.d/*.conf
+Port 46668
+
+LoginGraceTime 2m
+AllowAgentForwarding yes
+X11Forwarding yes
+PermitRootLogin prohibit-password
+AuthorizedKeysFile .ssh/authorized_keys
+PasswordAuthentication no
+UsePAM yes
+PrintMotd no
+AcceptEnv LANG LC_*
+
+Subsystem sftp /usr/lib/ssh/sftp-server
+
+AllowUsers opalvaults ansible bandali zaeph sachac dragestil cairn
diff --git a/roles/base/files/sudoers.d/10_ansible b/roles/base/files/sudoers.d/10_ansible
new file mode 100644
index 0000000..80053e5
--- /dev/null
+++ b/roles/base/files/sudoers.d/10_ansible
@@ -0,0 +1 @@
+ansible ALL = (ALL) NOPASSWD: ALL
diff --git a/roles/base/files/sudoers.d/20_admin b/roles/base/files/sudoers.d/20_admin
new file mode 100644
index 0000000..71b74c3
--- /dev/null
+++ b/roles/base/files/sudoers.d/20_admin
@@ -0,0 +1 @@
+%admin ALL=(ALL) ALL
diff --git a/roles/base/files/sudoers.d/30_org_admin b/roles/base/files/sudoers.d/30_org_admin
new file mode 100644
index 0000000..f855569
--- /dev/null
+++ b/roles/base/files/sudoers.d/30_org_admin
@@ -0,0 +1,3 @@
+sachac ALL=(ALL) /usr/bin/apt
+zaeph ALL=(ALL) /usr/bin/apt
+dragestil ALL=(ALL) /usr/bin/apt
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 17:42:15 +0000