Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ---
- - hosts: all
- vars:
- createuser: 'tes'
- createpassword: 'tes-fandi'
- tasks:
- - name: Setup | create user
- command: useradd -m {{ createuser }} creates=/home/{{ createuser }}
- sudo: true
- - name: Setup | set user password
- shell: usermod -p $(echo '{{ createpassword }}' | openssl passwd -1 -stdin) {{ createuser }}
- sudo: true
- - name: Setup | authorized key upload
- authorized_key:
- user: "{{ createuser }}"
- key: "{{lookup('file', 'aaaa.pub' ) }}"
- path: '/home/{{ createuser }}/.ssh/authorized_keys'
- manage_dir: no
- sudo: true
- - name: Sudoers | update sudoers file and validate
- lineinfile:
- dest: /etc/sudoers
- insertafter: EOF
- line: '{{ createuser }} ALL=(ALL) NOPASSWD: ALL'
- regexp: '{{ createuser }} ALL=(ALL) NOPASSWD: ALL'
- state: present
- sudo: true
- - name: Allow password from Local IP
- lineinfile:
- dest: /etc/ssh/sshd_config
- insertafter: EOF
- line: "Match Address 192.168.0.0/24"
- line: "PasswordAuthentication yes"
- state: present
- notify: Restart sshd
- handlers:
- - name: Restart sshd
- #action: service sshd state=restarted
- service: name=ssh state=restarted
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement