63 lines
1.5 KiB
YAML
63 lines
1.5 KiB
YAML
---
|
|
|
|
- name: Install packages
|
|
become: true
|
|
ansible.builtin.apt:
|
|
name:
|
|
- sudo
|
|
- vim
|
|
- bash-completion
|
|
- mutt
|
|
- ripgrep
|
|
state: present
|
|
|
|
- name: Get unix accounts
|
|
become: true
|
|
ansible.builtin.getent:
|
|
database: passwd
|
|
|
|
- name: Copy bash aliases for accounts using bash
|
|
become: true
|
|
loop: "{{ ansible_facts.getent_passwd | dict2items }}"
|
|
ansible.builtin.template:
|
|
src: bash_aliases.j2
|
|
dest: "{{ item.value.4 }}/.bash_aliases"
|
|
owner: "{{ item.key }}"
|
|
group: "{{ item.key }}"
|
|
mode: "644"
|
|
when: item.key in ('root', ansible_user_id)
|
|
|
|
- name: Copy bashrc for accounts using bash
|
|
become: true
|
|
loop: "{{ ansible_facts.getent_passwd | dict2items }}"
|
|
ansible.builtin.template:
|
|
src: bashrc.j2
|
|
dest: "{{ item.value.4 }}/.bashrc"
|
|
owner: "{{ item.key }}"
|
|
group: "{{ item.key }}"
|
|
mode: "644"
|
|
when: item.key in ('root', ansible_user_id)
|
|
|
|
- name: Setup etckeeper
|
|
ansible.builtin.include_role:
|
|
name: etckeeper
|
|
|
|
- name: Copy sshd_config
|
|
become: true
|
|
ansible.builtin.template:
|
|
src: sshd_config.j2
|
|
dest: /etc/ssh/sshd_config.d/00-common.conf
|
|
mode: "644"
|
|
owner: root
|
|
group: root
|
|
notify: Restart sshd service
|
|
|
|
- name: Copy sudoers file for root without password
|
|
become: true
|
|
ansible.builtin.copy:
|
|
content: "{{ ansible_user_id }} ALL=(ALL) NOPASSWD: ALL"
|
|
dest: "/etc/sudoers.d/{{ ansible_user_id }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0440
|
|
validate: 'visudo -cf %s'
|