more corrections
Some checks reported errors
continuous-integration/drone/push Build was killed

Torma Kristóf 2023-07-25 15:59:06 +02:00
parent 68613a253a
commit d3b6348480


@ -99,17 +99,45 @@
- name: Define group in sudoers - name: Define group in sudoers
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
state: present state: present
path: /etc/ssh/sshd_config path: /etc/sudoers
line: "%linuxadmins@intra.tormakris.dev ALL=(ALL) NOPASSWD: ALL" line: "%linuxadmins@intra.tormakris.dev ALL=(ALL) NOPASSWD: ALL"
when: checksudoers.found == 0 when: checksudoers.found == 0
- name: Remove misconfig from sshd
ansible.builtin.lineinfile:
state: absent
path: /etc/ssh/sshd_config
line: "%linuxadmins@intra.tormakris.dev ALL=(ALL) NOPASSWD: ALL"
- name: Remove old AllowUsers
ansible.builtin.lineinfile:
state: absent
path: /etc/ssh/sshd_config
regexp: "^AllowUsers tormakris ansible service-user"
- name: Check if AllowUsers is defined
ansible.builtin.lineinfile:
state: absent
path: /etc/ssh/sshd_config
regexp: "intra.tormakris.dev"
check_mode: true
changed_when: false
register: checkallowusers
- name: Define AllowUsers if undefined
ansible.builtin.lineinfile:
state: present
path: /etc/ssh/sshd_config
line: "AllowUsers tormakris@intra.tormakris.dev ansible@intra.tormakris.dev service-user@intra.tormakris.dev"
when: checkallowusers.found == 0
- name: Create home for tormakris - name: Create home for tormakris
ansible.builtin.command: ansible.builtin.command:
cmd: mkhomedir_helper tormakris@intra.tormakris.dev cmd: mkhomedir_helper tormakris@intra.tormakris.dev
- name: Remove home directory - name: Remove home directory
ansible.builtin.file: ansible.builtin.file:
path: /home/tormakris@intra.tormakris.dev/tormakris path: /home/tormakris@intra.tormakris.dev/tormakris/
state: absent state: absent
recurse: yes recurse: yes
@ -121,6 +149,18 @@
owner: tormakris@intra.tormakris.dev owner: tormakris@intra.tormakris.dev
group: domain users@intra.tormakris.dev group: domain users@intra.tormakris.dev
- name: Create home for ansible
ansible.builtin.command:
cmd: mkhomedir_helper ansible@intra.tormakris.dev
- name: Copy ansible home
ansible.builtin.copy:
src: /home/ansible/
dest: /home/ansible@intra.tormakris.dev/
remote_src: yes
owner: tormakris@intra.tormakris.dev
group: domain users@intra.tormakris.dev
- name: "Update authorized_keys of tormakris" - name: "Update authorized_keys of tormakris"
ansible.posix.authorized_key: ansible.posix.authorized_key:
user: tormakris@intra.tormakris.dev user: tormakris@intra.tormakris.dev
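Review bot: The `Check if AllowUsers is defined` task in the first hunk matches any line of sshd_config containing `intra.tormakris.dev` (the pattern is unanchored and its dots are unescaped), so another line naming the domain, such as a Match or AllowGroups entry, would make `checkallowusers.found` non-zero; because `Remove old AllowUsers` has already deleted the old entry, the file would then be left with no AllowUsers restriction at all. A single lineinfile task with `regexp: '^AllowUsers\s'` and the new `line:` would replace the entry in place and make the check/register pair unnecessary. Neither this edit nor the `/etc/sudoers` one uses `validate:`; adding `validate: /usr/sbin/visudo -cf %s` to the sudoers task and `validate: /usr/sbin/sshd -t -f %s` to the sshd_config task keeps a malformed line from locking out sudo or SSH. In the second hunk, `Copy ansible home` sets `owner: tormakris@intra.tormakris.dev` on `/home/ansible@intra.tormakris.dev/`, which looks like a copy-paste slip for `ansible@intra.tormakris.dev` and would leave the automation account's files, including any copied `.ssh` directory, owned by a different user. Whether sshd is reloaded after these edits is not visible in the hunks.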