computer-playbook/roles/backups-provider-user/tasks/main.yml

47 lines
1.1 KiB
YAML

- name: create backup user
user:
name: backup
create_home: yes
when: run_once_backups_provider_user is not defined
- name: create .ssh directory
file:
path: /home/backup/.ssh
state: directory
owner: backup
group: backup
mode: '0700'
when: run_once_backups_provider_user is not defined
- name: create /home/backup/.ssh/authorized_keys
template:
src: "authorized_keys.j2"
dest: /home/backup/.ssh/authorized_keys
owner: backup
group: backup
mode: '0644'
when: run_once_backups_provider_user is not defined
- name: create /home/backup/ssh-wrapper.sh
copy:
src: "ssh-wrapper.sh"
dest: /home/backup/ssh-wrapper.sh
owner: backup
group: backup
mode: '0700'
when: run_once_backups_provider_user is not defined
- name: grant backup sudo rights
copy:
src: "backup"
dest: /etc/sudoers.d/backup
mode: '0644'
owner: root
group: root
notify: sshd restart
when: run_once_backups_provider_user is not defined
- name: run the backups_provider_user tasks once
set_fact:
run_once_backups_provider_user: true
when: run_once_backups_provider_user is not defined