35 lines
812 B
YAML
35 lines
812 B
YAML
- name: Make user
|
|
user:
|
|
name: "{{ f2b_user }}"
|
|
comment: "{{ me.user }}"
|
|
shell: /home/{{ f2b_user }}/f2b-entrypoint.sh
|
|
system: false
|
|
become: true
|
|
|
|
- name: Give user sudo access to client
|
|
lineinfile:
|
|
path: /etc/sudoers
|
|
line: "{{ f2b_user }} ALL=(ALL) NOPASSWD: /usr/bin/fail2ban-client"
|
|
become: true
|
|
|
|
- name: Allow custom shell
|
|
lineinfile:
|
|
path: /etc/shells
|
|
line: /home/{{ f2b_user }}/f2b-entrypoint.sh
|
|
become: true
|
|
|
|
- name: Create entrypoint
|
|
template:
|
|
src: files/f2b-entrypoint.sh
|
|
dest: /home/{{ f2b_user }}/f2b-entrypoint.sh
|
|
mode: "755"
|
|
become: true
|
|
register: sshd_config
|
|
|
|
- name: Set up authorized keys
|
|
ansible.posix.authorized_key:
|
|
user: "{{ f2b_user }}"
|
|
state: present
|
|
key: "{{ lookup('file', 'files/f2b_key.pub') }}"
|
|
become: true
|