Commit | Line | Data |
---|---|---|
3f6c5992 MW |
1 | --- |
2 | ||
3 | ###-------------------------------------------------------------------------- | |
4 | ### General permissions. | |
5 | ||
6 | - name: fix permissions in /root | |
7 | tags: [perms, root-perms] | |
8 | file: name=/root mode=0750 owner=root group=root | |
9 | ||
10 | ###-------------------------------------------------------------------------- | |
11 | ### PKI machinery. | |
12 | ||
13 | - name: install PKI maintenance scripts | |
14 | tags: [pki] | |
15 | copy: src=pki/{{ item }} dest=/etc/cron.daily | |
16 | with_items: | |
17 | - update-ca-certs | |
18 | - check-x509-certs | |
19 | ||
20 | ###-------------------------------------------------------------------------- | |
21 | ### NTP configuration. | |
22 | ||
23 | - name: install NTP configuration files | |
24 | tags: [ntp, ntp-client] | |
25 | copy: src=ntp-client/ntp.conf dest=/etc | |
26 | when: server is not defined or 'ntp' not in server | |
27 | notify: restart ntpd | |
28 | ||
29 | ###-------------------------------------------------------------------------- | |
30 | ### SSH configuration. | |
31 | ||
32 | - name: install SSH configuration files | |
33 | tags: [ssh, ssh-config] | |
34 | copy: src=ssh-config/{{ item }} dest=/etc/ssh | |
35 | notify: restart ssh | |
36 | with_items: | |
37 | - Makefile | |
38 | - ssh_config | |
39 | - sshd_config.m4 | |
40 | - moduli | |
41 | ||
42 | - name: install main keys for root SSH access | |
43 | tags: [ssh, ssh-root] | |
44 | template: src=ssh-root-authkeys dest=/root/.ssh/authkeys.base | |
45 | ||
46 | - name: install keys for root SSH access | |
47 | tags: [ssh, ssh-root] | |
48 | copy: src=ssh-root/{{ item }} dest=/root/.ssh | |
49 | with_items: | |
50 | - Makefile | |
51 | - config.m4 | |
52 | - known_hosts.extra | |
53 | ||
54 | ###----- That's all, folks -------------------------------------------------- |