Compare commits
2 commits
f1c1afa850
...
20064cff72
Author | SHA1 | Date | |
---|---|---|---|
![]() |
20064cff72 | ||
![]() |
0a62a8d248 |
11 changed files with 72 additions and 0 deletions
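--- a/roles/server_install_ssh/defaults/main.yml
+++ b/roles/server_install_ssh/defaults/main.yml
@@ -0,0 +1,8 @@
+# Standard-SSH-Benutzer
+ssh_user: skulladmin
+
+# Platzhalter-Key
+ssh_public_key: ""
+
+# SSH-Port
+ssh_port: 22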
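--- a/roles/server_install_ssh/handlers/main.yml
+++ b/roles/server_install_ssh/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: Restart SSH
+service:
+name: ssh
+state: restarted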
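Review bot: Nothing visible checks the rendered sshd_config before this handler restarts the daemon, so a template mistake or an invalid `ssh_port` value can leave sshd unable to start on a host that has no other login path. Add `validate: '/usr/sbin/sshd -t -f %s'` to the template task in tasks/main.yml that notifies `Restart SSH`, so a config sshd cannot parse is rejected before it replaces the live file. The service name `ssh` fits Debian-family hosts only, which is consistent with the `apt` tasks but worth stating in the role's documentation.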
0
roles/server_install_ssh/meta/main.yml
Normal file
0
roles/server_install_ssh/meta/main.yml
Normal file
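--- a/roles/server_install_ssh/tasks/main.yml
+++ b/roles/server_install_ssh/tasks/main.yml
@@ -0,0 +1,41 @@
+---
+- name: Paketlisten aktualisieren
+apt:
+update_cache: yes
+cache_valid_time: 3600
+
+- name: OpenSSH Server installieren
+apt:
+name: openssh-server
+state: present
+
+- name: Benutzer anlegen (falls nicht vorhanden)
+user:
+name: "{{ ssh_user }}"
+shell: /bin/bash
+create_home: yes
+
+- name: SSH-Verzeichnis anlegen
+file:
+path: "/home/{{ ssh_user }}/.ssh"
+state: directory
+owner: "{{ ssh_user }}"
+group: "{{ ssh_user }}"
+mode: '0700'
+
+- name: SSH-Key eintragen
+copy:
+content: "{{ ssh_public_key }}"
+dest: "/home/{{ ssh_user }}/.ssh/authorized_keys"
+owner: "{{ ssh_user }}"
+group: "{{ ssh_user }}"
+mode: '0600'
+
+- name: SSH-Konfiguration per Template übertragen
+template:
+src: sshd_config.j2
+dest: /etc/ssh/sshd_config
+owner: root
+group: root
+mode: '0644'
+notify: Restart SSH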
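Review bot: With the role defaults, the `SSH-Key eintragen` task writes an empty `authorized_keys` (`ssh_public_key: ""` in defaults/main.yml), while the same run installs a config with `PasswordAuthentication no` and `AllowUsers {{ ssh_user }}`, so a host can end up with no working login. `copy` also replaces the whole file, which removes any keys already present for that user. The role should fail before changing anything when the key is empty, and manage the key as an entry rather than as file content; the sketch below uses `ansible.posix.authorized_key`, which needs that collection installed. The home directory is also assumed to be `/home/{{ ssh_user }}`, which does not hold for every account.

```yaml
- name: Refuse to run without a public key
  assert:
    that:
      - ssh_public_key | length > 0
    fail_msg: "ssh_public_key is empty; refusing to harden sshd without a login key"

# … unchanged: apt, user and .ssh directory tasks …

- name: SSH-Key eintragen
  ansible.posix.authorized_key:
    user: "{{ ssh_user }}"
    key: "{{ ssh_public_key }}"
    state: present

# … unchanged: sshd_config template task …
```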
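--- a/roles/server_install_ssh/templates/sshd_config.j2
+++ b/roles/server_install_ssh/templates/sshd_config.j2
@@ -0,0 +1,18 @@
+# OpenSSH server configuration (managed by Ansible)
+Port {{ ssh_port }}
+Protocol 2
+PermitRootLogin no
+PasswordAuthentication no
+ChallengeResponseAuthentication no
+UsePAM yes
+X11Forwarding no
+AllowUsers {{ ssh_user }}
+ClientAliveInterval 300
+ClientAliveCountMax 2
+LoginGraceTime 30
+MaxAuthTries 3
+AllowTcpForwarding no
+PermitEmptyPasswords no
+PrintMotd no
+UseDNS no
+Compression no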
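Review bot: The template replaces the whole of /etc/ssh/sshd_config (see the `dest` in tasks/main.yml) but carries no `Subsystem sftp` line and no `Include`, so SFTP-based transfers stop working and any drop-in config files are ignored; if both are intended as hardening, say so in a comment at the top of the file. `Protocol 2` is obsolete in current OpenSSH and `ChallengeResponseAuthentication` is a deprecated alias of `KbdInteractiveAuthentication`, so I would drop the first and rename the second. `Port {{ ssh_port }}` is rendered unchecked, so a range check on `ssh_port` before templating would catch a bad value before sshd sees it.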
0
roles/server_install_ssh/vars/main.yml
Normal file
0
roles/server_install_ssh/vars/main.yml
Normal file
0
roles/template_role/defaults/main.yml
Normal file
0
roles/template_role/defaults/main.yml
Normal file
0
roles/template_role/handlers/main.yml
Normal file
0
roles/template_role/handlers/main.yml
Normal file
0
roles/template_role/meta/main.yml
Normal file
0
roles/template_role/meta/main.yml
Normal file
0
roles/template_role/tasks/main.yml
Normal file
0
roles/template_role/tasks/main.yml
Normal file
0
roles/template_role/vars/main.yml
Normal file
0
roles/template_role/vars/main.yml
Normal file