46 lines
1.1 KiB
YAML
46 lines
1.1 KiB
YAML
- name: Update/install OpenSSH
|
|
ansible.builtin.apt:
|
|
name: openssh-server
|
|
state: latest
|
|
- name: Add 'bhays' user
|
|
ansible.builtin.user:
|
|
name: bhays
|
|
groups: sudo,adm
|
|
append: true
|
|
shell: /bin/bash
|
|
comment: Benjamin Hays
|
|
- name: Update/install Sudo
|
|
ansible.builtin.apt:
|
|
name: sudo
|
|
state: latest
|
|
- name: Ensure .ssh user folder exists
|
|
ansible.builtin.file:
|
|
path: "/home/bhays/.ssh/"
|
|
owner: bhays
|
|
group: bhays
|
|
mode: "0770"
|
|
state: directory
|
|
- name: Copy public key
|
|
ansible.builtin.copy:
|
|
owner: bhays
|
|
mode: "0600"
|
|
src: ../../Configs/authorized_keys
|
|
dest: /home/bhays/.ssh/authorized_keys
|
|
- name: Copy secure login banner
|
|
ansible.builtin.copy:
|
|
owner: root
|
|
mode: "0644"
|
|
src: ../../Configs/login_banner
|
|
dest: /etc/login_banner
|
|
- name: Copy Secure Configuration File
|
|
ansible.builtin.copy:
|
|
owner: bhays
|
|
mode: "0600"
|
|
src: ../../Configs/sshd_config
|
|
dest: /etc/ssh/sshd_config
|
|
- name: Restart OpenSSH
|
|
ansible.builtin.systemd:
|
|
name: ssh
|
|
state: restarted
|
|
changed_when: false
|