
Initial commit

master
Alex 12 months ago
commit
1da390b50c
Signed by: caskd GPG Key ID: F92BA85F61F4C173
  1. 35
      tasks/main.yml

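--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -0,0 +1,35 @@
+- name: Create users
+loop: "{{ sftp_chroot }}"
+user:
+name: '{{ item.user }}'
+shell: /usr/bin/nologin
+home: '{{ item.home }}'
+password_lock: no
+tags:
+- users
+- sftp_chroot
+- name: Configure OpenSSH daemon
+loop: "{{ sftp_chroot }}"
+blockinfile:
+path: /etc/ssh/sshd_config
+marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.user }}"
+block: |
+Match User seedbox
+AuthorizedKeysFile /etc/ssh/authorized_keys/{{ item.user }}
+ChrootDirectory {{ item.home }}
+ForceCommand internal-sftp
+AllowTcpForwarding no
+X11Forwarding no
+PasswordAuthentication no
+notify: Run service actions
+tags:
+- sftp_chroot
+- name: Copy public keys
+loop: "{{ sftp_chroot }}"
+copy:
+follow: yes
+content: '{{ item.key }}'
+dest: '/etc/ssh/authorized_keys/{{ item.user }}'
+tags:
+- keys
+- sftp_chroot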
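Review bot: The `Match User seedbox` line in the "Configure OpenSSH daemon" block is hard-coded, while the marker, `AuthorizedKeysFile` and `ChrootDirectory` are templated per item, so every loop iteration writes a block that matches only the `seedbox` account. For any other entry in `sftp_chroot`, the chroot, `ForceCommand internal-sftp`, `AllowTcpForwarding no` and `PasswordAuthentication no` settings would not apply, and because sshd keeps the first value it obtains for each keyword, later `seedbox` blocks would be ignored as well; the line should read `Match User {{ item.user }}`. Since this task edits `/etc/ssh/sshd_config` in place, adding `validate: sshd -t -f %s` to the `blockinfile` task would keep a malformed block from being installed. It is also worth confirming that `item.home`, which the `user` task creates, ends up root-owned and not group- or world-writable as sshd requires for a `ChrootDirectory`; nothing in this file sets that. The "Copy public keys" task likewise sets no explicit `owner` or `mode` on the key file, and no visible task creates `/etc/ssh/authorized_keys`.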