51 lines
1.0 KiB
YAML
51 lines
1.0 KiB
YAML
---
|
|
|
|
- name: Configure users.
|
|
ansible.builtin.include_tasks:
|
|
file: configure_users.yml
|
|
loop: "{{ users }}"
|
|
|
|
|
|
- name: Install opendoas.
|
|
ansible.builtin.apt:
|
|
name:
|
|
- opendoas
|
|
state: present
|
|
|
|
- name: Set opendoas_settings variable.
|
|
block:
|
|
|
|
- name: Initialize the variable with an empty list.
|
|
ansible.builtin.set_fact:
|
|
opendoas_settings: []
|
|
|
|
- name: Append settings from each user to the list.
|
|
ansible.builtin.set_fact:
|
|
opendoas_settings: "{{ opendoas_settings + [item.opendoas_settings] }}"
|
|
loop: "{{ users }}"
|
|
|
|
- name: Install opendoas config.
|
|
ansible.builtin.template:
|
|
src: doas.conf.j2
|
|
dest: /etc/doas.conf
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
|
|
|
|
- name: Install openssh-server.
|
|
ansible.builtin.apt:
|
|
name:
|
|
- openssh-server
|
|
state: present
|
|
|
|
- name: Install sshd config.
|
|
ansible.builtin.copy:
|
|
src: sshd_config
|
|
dest: /etc/ssh/sshd_config
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
notify:
|
|
- Restart sshd service.
|