LAFORET Kyllian
85dc557392
nouveau fichier : ct-ansible/hosts nouveau fichier : ct-ansible/playbook.yml
40 lines
830 B
YAML
40 lines
830 B
YAML
- hosts: all
|
|
tasks:
|
|
|
|
- name: create_usr
|
|
user:
|
|
name: sioadm
|
|
state: present
|
|
shell: /sbin/nologin
|
|
generate_ssh_key: yes
|
|
uid: 1200
|
|
groups : sudo
|
|
append : yes
|
|
password: "{{ 'sioadm' | password_hash('sha512') }}"
|
|
password_lock: yes
|
|
|
|
- name: delete rpcbind
|
|
apt :
|
|
name : rpcbind
|
|
state : absent
|
|
|
|
- name : delete wpasupplicant
|
|
apt :
|
|
name : wpasupplicant
|
|
state : absent
|
|
|
|
- name : copy resolv.conf
|
|
copy :
|
|
src : /etc/resolv.conf
|
|
dest : /etc/resolv.conf
|
|
|
|
- name: disable SSH access for root
|
|
replace:
|
|
dest: /etc/ssh/sshd_config
|
|
regexp: '^PermitRootLogin (yes|without-password)'
|
|
replace: '^PermitRootLogin (yes|without-password|prohibit-password)'
|
|
notify: reload sshd
|
|
when: evolinux_root_disable_ssh
|
|
|
|
|