49 lines
1.3 KiB
YAML
49 lines
1.3 KiB
YAML
|
---
|
||
|
# file: tasks/ssh.yml
|
||
|
|
||
|
- name: ssh - add keys to file ~/.ssh/authorized_keys
|
||
|
authorized_key: user="root" key=https://github.com/{{item}}.keys
|
||
|
with_items: "{{hosts_ssh_users|default([])}}"
|
||
|
become: yes
|
||
|
|
||
|
- name: ssh - copy ssh private keys
|
||
|
with_items: "{{hosts_ssh_private_keys|default([])}}"
|
||
|
copy: src={{item}} dest=~/.ssh/ mode=0400
|
||
|
become: yes
|
||
|
|
||
|
- name: ssh - add public hosts keys to known_hosts
|
||
|
with_items: "{{hosts_ssh_public_hosts_keys|default([])}}"
|
||
|
known_hosts:
|
||
|
name: "{{item.name}}"
|
||
|
key: "{{ lookup('file', '{{item.key}}') }}"
|
||
|
become: yes
|
||
|
|
||
|
- name: ssh - define configuration
|
||
|
set_fact:
|
||
|
sshd_config:
|
||
|
- dest: /etc/conf.d/dropbear
|
||
|
line: 'DROPBEAR_OPTS="\1 -b /etc/issue.net"'
|
||
|
regex: '^DROPBEAR_OPTS="((?!.*-b /etc/issue.net).*)"$'
|
||
|
- dest: /etc/ssh/sshd_config
|
||
|
line: Banner /etc/issue.net
|
||
|
regex: ^#?Banner
|
||
|
|
||
|
- name: ssh - stat configuration file
|
||
|
changed_when: false
|
||
|
register: sshd_config_stat
|
||
|
stat:
|
||
|
path: '{{item.dest}}'
|
||
|
with_items: '{{sshd_config|default([])}}'
|
||
|
|
||
|
- name: ssh - configure sshd
|
||
|
become: yes
|
||
|
lineinfile:
|
||
|
backrefs: true
|
||
|
dest: '{{item.0.dest}}'
|
||
|
line: '{{item.0.line}}'
|
||
|
regex: '{{item.0.regex}}'
|
||
|
with_together:
|
||
|
- '{{sshd_config|default([])}}'
|
||
|
- '{{sshd_config_stat.results}}'
|
||
|
when: item.1.stat.exists
|