36 lines
1010 B
YAML
36 lines
1010 B
YAML
- name: Create users
|
|
loop: "{{ sftp_chroot }}"
|
|
user:
|
|
name: '{{ item.user }}'
|
|
shell: /usr/bin/nologin
|
|
home: '{{ item.home }}'
|
|
password_lock: no
|
|
tags:
|
|
- users
|
|
- sftp_chroot
|
|
- name: Configure OpenSSH daemon
|
|
loop: "{{ sftp_chroot }}"
|
|
blockinfile:
|
|
path: /etc/ssh/sshd_config
|
|
marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.user }}"
|
|
block: |
|
|
Match User seedbox
|
|
AuthorizedKeysFile /etc/ssh/authorized_keys/{{ item.user }}
|
|
ChrootDirectory {{ item.home }}
|
|
ForceCommand internal-sftp
|
|
AllowTcpForwarding no
|
|
X11Forwarding no
|
|
PasswordAuthentication no
|
|
notify: Run service actions
|
|
tags:
|
|
- sftp_chroot
|
|
- name: Copy public keys
|
|
loop: "{{ sftp_chroot }}"
|
|
copy:
|
|
follow: yes
|
|
content: '{{ item.key }}'
|
|
dest: '/etc/ssh/authorized_keys/{{ item.user }}'
|
|
tags:
|
|
- keys
|
|
- sftp_chroot
|