40 lines
1.0 KiB
YAML
40 lines
1.0 KiB
YAML
|
---
|
||
|
|
- hosts: all
|
||
|
|
|
||
|
|
tasks:
|
||
|
|
- name: "Ensure normal user exists called: {{ sysadmin_username }}."
|
||
|
|
ansible.builtin.user:
|
||
|
|
name: "{{ sysadmin_username }}"
|
||
|
|
shell: /bin/bash
|
||
|
|
register: new_sysadmin
|
||
|
|
|
||
|
|
- name: Copy ssh directory
|
||
|
|
ansible.builtin.copy:
|
||
|
|
remote_src: true
|
||
|
|
src: /root/.ssh
|
||
|
|
dest: "/home/{{ sysadmin_username }}/"
|
||
|
|
owner: "{{ sysadmin_username }}"
|
||
|
|
group: "{{ sysadmin_username }}"
|
||
|
|
when: new_sysadmin.changed
|
||
|
|
|
||
|
|
- name: Ensure doas is installed.
|
||
|
|
ansible.builtin.package:
|
||
|
|
name: doas
|
||
|
|
state: present
|
||
|
|
|
||
|
|
- name: Configure doas.
|
||
|
|
ansible.builtin.template:
|
||
|
|
src: doas.conf.j2
|
||
|
|
dest: /etc/doas.conf
|
||
|
|
|
||
|
|
# Ubuntu requires setting a root password before `sudo` can be removed.
|
||
|
|
# - name: Try removing sudo.
|
||
|
|
# ansible.builtin.package:
|
||
|
|
# name: sudo
|
||
|
|
# state: absent
|
||
|
|
# tags: test
|
||
|
|
# environment:
|
||
|
|
# SUDO_FORCE_REMOVE: yes
|
||
|
|
|
||
|
|
- import_playbook: ../../ssh.yml
|
||
|
|
- import_playbook: ../../linux.yml
|