teaching-webterm/ansible/tasks/setup_sshaccess.yml

39 lines
1.2 KiB
YAML
Raw Permalink Normal View History

2022-05-26 15:31:39 +00:00
---
# Password needs to be encrypted. Use the following command to change password
# python3 -c 'import crypt,getpass;pw=getpass.getpass();print(crypt.crypt(pw) if (pw==getpass.getpass("Confirm: ")) else exit())'
2022-05-31 00:14:12 +00:00
- name: "Add the user '{{ sshwifty_ssh_user }}'"
2022-05-26 15:31:39 +00:00
ansible.builtin.user:
2022-05-30 19:35:02 +00:00
name: "{{ sshwifty_ssh_user }}"
password: "{{ sshwifty_ssh_password | password_hash('sha512') }}"
2022-05-26 15:31:39 +00:00
shell: /bin/bash
state: present
update_password: always
2022-05-30 19:35:02 +00:00
- name: Change SSH config to allow connections with password
ansible.builtin.copy:
dest: /etc/ssh/sshd_config.d/sshwifty_with_password.conf
content: |
PasswordAuthentication yes
register: ssh_service_conf
- name: Restart SSH service to take in account new changes
ansible.builtin.service:
name: ssh
state: restarted
when: ssh_service_conf.changed
- name: "adding existing user {{ sshwifty_ssh_user }} to group docker"
user:
name: "{{ sshwifty_ssh_user }}"
groups:
- docker
- sudo
append: 'yes'
- name: Change SUDO config to allow sudo without password to %sudo group
ansible.builtin.copy:
dest: /etc/sudoers.d/sudo_no_pass
content: |
%sudo ALL=(ALL) NOPASSWD: ALL
2022-05-26 15:31:39 +00:00
#