Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ---
- - name: Configure Server
- hosts: sample_server
- gather_facts: no
- remote_user: root
- vars:
- username: sample_user
- password: sample_password
- tasks:
- - name: Update apt cache
- apt: update_cache=yes
- - name: Safe aptitude upgrade
- apt: upgrade=safe
- async: 600
- poll: 5
- - name: Add my user
- user:
- name: "{{ username }}"
- password: "{{ password }}"
- update_password: always
- shell: /bin/bash
- groups: sudo
- append: yes
- generate_ssh_key: yes
- ssh_key_bits: 2048
- state: present
- - name: Add my workstation user's public key to the new user
- authorized_key:
- user: "{{ username }}"
- key: "{{ lookup('file', 'certificates/id_rsa.pub') }}"
- state: present
- - name: Change SSH port
- lineinfile:
- dest: /etc/ssh/sshd_config
- regexp: "^Port"
- line: "Port 30000"
- state: present
- # notify:
- # - Restart SSH
- - name: Remove root SSH access
- lineinfile:
- dest: /etc/ssh/sshd_config
- regexp: "^PermitRootLogin"
- line: "PermitRootLogin no"
- state: present
- # notify:
- # - Restart SSH
- - name: Remove password SSH access
- lineinfile:
- dest: /etc/ssh/sshd_config
- regexp: "^PasswordAuthentication"
- line: "PasswordAuthentication no"
- state: present
- # notify:
- # - Restart SSH
- - name: Reboot the server
- service: name=ssh state=restarted
- handlers:
- - name: Restart SSH
- service: name=ssh state=restarted
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement