Initial commit

2020-05-18 18:46:58 +02:00 · 2020-05-18 18:46:58 +02:00 · 1da390b50c
commit 1da390b50c
1 changed files with 35 additions and 0 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -0,0 +1,35 @@
+- name: Create users
+  loop: "{{ sftp_chroot }}"
+  user:
+        name: '{{ item.user }}'
+        shell: /usr/bin/nologin
+        home: '{{ item.home }}'
+        password_lock: no
+  tags:
+        - users
+        - sftp_chroot
+- name: Configure OpenSSH daemon
+  loop: "{{ sftp_chroot }}"
+  blockinfile:
+        path: /etc/ssh/sshd_config
+        marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.user }}"
+        block: |
+                Match User seedbox
+                AuthorizedKeysFile /etc/ssh/authorized_keys/{{ item.user }}
+                ChrootDirectory {{ item.home }}
+                ForceCommand internal-sftp
+                AllowTcpForwarding no
+                X11Forwarding no
+                PasswordAuthentication no
+  notify: Run service actions
+  tags:
+        - sftp_chroot
+- name: Copy public keys
+  loop: "{{ sftp_chroot }}"
+  copy:
+        follow: yes
+        content: '{{ item.key }}'
+        dest: '/etc/ssh/authorized_keys/{{ item.user }}'
+  tags:
+        - keys
+        - sftp_chroot