infrastructure/ansible/roles/fail2ban_ssh/tasks/main.yml
Jake Howard 2af9f8529d
All checks were successful
/ terraform (push) Successful in 46s
/ ansible (push) Successful in 1m53s
Fix new ansible-lint errors
Quite a few changes here, hopefully they work!
2023-06-15 15:16:19 +01:00

34 lines
812 B
YAML

- name: Make user
user:
name: "{{ f2b_user }}"
comment: "{{ me.user }}"
shell: /home/{{ f2b_user }}/f2b-entrypoint.sh
system: false
become: true
- name: Give user sudo access to client
lineinfile:
path: /etc/sudoers
line: "{{ f2b_user }} ALL=(ALL) NOPASSWD: /usr/bin/fail2ban-client"
become: true
- name: Allow custom shell
lineinfile:
path: /etc/shells
line: /home/{{ f2b_user }}/f2b-entrypoint.sh
become: true
- name: Create entrypoint
template:
src: files/f2b-entrypoint.sh
dest: /home/{{ f2b_user }}/f2b-entrypoint.sh
mode: "755"
become: true
register: sshd_config
- name: Set up authorized keys
ansible.posix.authorized_key:
user: "{{ f2b_user }}"
state: present
key: "{{ lookup('file', 'files/f2b_key.pub') }}"
become: true