michael/IaC
1
0
Fork 0
Code Packages

Compare commits

base: michael:6c88c4af86d234c099ca9242c8da248b7b15c395
Branches Tags
michael:main
..
compare: michael:424fe250d80aa66e5ff6cb46ff1125c07a0f5dba
Branches Tags
michael:main

No commits in common. "6c88c4af86d234c099ca9242c8da248b7b15c395" and "424fe250d80aa66e5ff6cb46ff1125c07a0f5dba" have entirely different histories.
6c88c4af86 ... 424fe250d8

7 changed files with 3 additions and 60 deletions
Show Stats Expand all files Collapse all files

1
ansible/group_vars/all.yaml
View File

@ -1 +0,0 @@
---

6
ansible/host_vars/lab.yaml
View File

@ -1,6 +0,0 @@
---
# sshd
authorized_keys_file: lab_authorized_keys
openssh_configuration_src: sshd_config_arch

2
ansible/inventory/hosts.yaml
View File

@ -7,8 +7,6 @@ all:
lab: lab:
ansible_host: lab.balsillie.net ansible_host: lab.balsillie.net
ansible_os_family: Arch ansible_os_family: Arch
ansible_user: ladmin
ansible_connection: ssh
nodes: nodes:
node1: node1:
ansible_host: node1.balsillie.net ansible_host: node1.balsillie.net

9
ansible/playbooks/lab.yaml
View File

@ -1,9 +0,0 @@
---
- name: Configure lab host
gather_facts: true
hosts: lab
become: true
roles:
- sshd
- firewall

3
ansible/roles/sshd/defaults/main.yml
View File

@ -3,4 +3,5 @@ openssh_packages:
- openssh - openssh
openssh_service: sshd.service openssh_service: sshd.service
openssh_configuration_file: /etc/ssh/sshd_config openssh_configuration_file: /etc/ssh/sshd_config
openssh_configuration_mode: 0644 openssh_template_src: sshd_config_arch
openssh_template_mode: "644"

9
ansible/roles/sshd/handlers/main.yml
View File

@ -1,9 +0,0 @@
---
- name: restart openssh
ansible.builtin.service:
name: "{{ openssh_service }}"
state: restarted
when:
- not ansible_check_mode
- not openssh_restart_immediately

33
ansible/roles/sshd/tasks/main.yml
View File

@ -4,35 +4,4 @@
name: "{{ openssh_packages }}" name: "{{ openssh_packages }}"
state: latest state: latest
update_cache: true update_cache: true
reason: explicit reason: explicit
when:
- ansible_os_family == 'Arch'
- name: add authorized keys
ansible.builtin.copy:
dest: "/home/{{ ansible_user }}/.ssh/authorized_keys"
src: "{{ authorized_keys_file }}"
mode: 0600
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
- name: configure openssh
ansible.builtin.copy:
dest: "{{ openssh_configuration_file }}"
src: "{{ openssh_configuration_src }}"
mode: "{{ openssh_configuration_mode }}"
owner: root
group: root
notify:
- restart openssh
- name: start and enable openssh
ansible.builtin.service:
name: "{{ openssh_service }}"
state: started
enabled: yes
- name: flush handlers
ansible.builtin.meta: flush_handlers
when:
- openssh_restart_immediately