mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-01 02:33:10 +01:00
47 lines
1.1 KiB
YAML
47 lines
1.1 KiB
YAML
- name: create backup user
|
|
user:
|
|
name: backup
|
|
create_home: yes
|
|
when: run_once_backups_provider_user is not defined
|
|
|
|
- name: create .ssh directory
|
|
file:
|
|
path: /home/backup/.ssh
|
|
state: directory
|
|
owner: backup
|
|
group: backup
|
|
mode: '0700'
|
|
when: run_once_backups_provider_user is not defined
|
|
|
|
- name: create /home/backup/.ssh/authorized_keys
|
|
template:
|
|
src: "authorized_keys.j2"
|
|
dest: /home/backup/.ssh/authorized_keys
|
|
owner: backup
|
|
group: backup
|
|
mode: '0644'
|
|
when: run_once_backups_provider_user is not defined
|
|
|
|
- name: create /home/backup/ssh-wrapper.sh
|
|
copy:
|
|
src: "ssh-wrapper.sh"
|
|
dest: /home/backup/ssh-wrapper.sh
|
|
owner: backup
|
|
group: backup
|
|
mode: '0700'
|
|
when: run_once_backups_provider_user is not defined
|
|
|
|
- name: grant backup sudo rights
|
|
copy:
|
|
src: "backup"
|
|
dest: /etc/sudoers.d/backup
|
|
mode: '0644'
|
|
owner: root
|
|
group: root
|
|
notify: sshd restart
|
|
when: run_once_backups_provider_user is not defined
|
|
|
|
- name: run the backups_provider_user tasks once
|
|
set_fact:
|
|
run_once_backups_provider_user: true
|
|
when: run_once_backups_provider_user is not defined |