mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-10 06:51:04 +01:00
42 lines
857 B
YAML
42 lines
857 B
YAML
- name: create backup user
|
|
user:
|
|
name: backup
|
|
create_home: yes
|
|
|
|
- name: create .ssh directory
|
|
file:
|
|
path: /home/backup/.ssh
|
|
state: directory
|
|
owner: backup
|
|
group: backup
|
|
mode: '0700'
|
|
|
|
- name: register hashed_machine_id
|
|
shell: sha256sum /etc/machine-id | head -c 64
|
|
register: hashed_machine_id
|
|
|
|
- name: create /home/backup/.ssh/authorized_keys
|
|
template:
|
|
src: "authorized_keys.j2"
|
|
dest: /home/backup/.ssh/authorized_keys
|
|
owner: backup
|
|
group: backup
|
|
mode: '0644'
|
|
|
|
- name: create /home/backup/ssh-wrapper.sh
|
|
template:
|
|
src: "ssh-wrapper.sh.j2"
|
|
dest: /home/backup/ssh-wrapper.sh
|
|
owner: backup
|
|
group: backup
|
|
mode: '0700'
|
|
|
|
- name: grant backup sudo rights
|
|
copy:
|
|
src: "backup"
|
|
dest: /etc/sudoers.d/backup
|
|
mode: '0644'
|
|
owner: root
|
|
group: root
|
|
notify: sshd restart
|