1 files changed, 56 insertions, 0 deletions
diff --git a/clarkzjw.ca/config/atlas/ansible/roles/init/tasks/main.yaml b/clarkzjw.ca/config/atlas/ansible/roles/init/tasks/main.yaml
new file mode 100644
index 0000000..29cf529
--- /dev/null
+++ b/clarkzjw.ca/config/atlas/ansible/roles/init/tasks/main.yaml
@@ -0,0 +1,56 @@
+- name: Make sure we have a 'wheel' group
+  group:
+    name: wheel
+    state: present
+- name: Allow 'wheel' group to have passwordless sudo
+  lineinfile:
+    dest: /etc/sudoers
+    state: present
+    regexp: '^%wheel'
+    line: '%wheel ALL=(ALL) NOPASSWD: ALL'
+    validate: visudo -cf %s
+- name: Add sudoers users to wheel group
+  user:
+    name: clarkzjw
+    groups: wheel
+    append: yes
+- name: Set authorized keys taken from url
+  authorized_key:
+    user: clarkzjw
+    state: present
+    key: https://github.com/clarkzjw.keys
+- name: Add Tailscale GPG apt Key
+  apt_key:
+    url: https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg
+    keyring: /usr/share/keyrings/tailscale-archive-keyring.gpg
+    state: present
+- name: Add Tailscale Repository
+  get_url:
+    url: https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list
+    dest: /etc/apt/sources.list.d/tailscale.list
+- name: Install Tailscale
+  apt:
+    name:
+      - tailscale
+    update_cache: true
+- name: Disable Root Login
+  lineinfile:
+    dest: /etc/ssh/sshd_config
+    regexp: '^PermitRootLogin yes'
+    line: "PermitRootLogin no"
+    state: present
+    backup: yes
+- name: Restart SSHD
+  systemd:
+    name: ssh
+    enabled: true
+    state: restarted
+    daemon_reload: true

diff --git a/clarkzjw.ca/config/atlas/ansible/roles/init/tasks/main.yaml b/clarkzjw.ca/config/atlas/ansible/roles/init/tasks/main.yaml new file mode 100644 index 0000000..29cf529 --- /dev/null +++ b/clarkzjw.ca/config/atlas/ansible/roles/init/tasks/main.yaml
@@ -0,0 +1,56 @@
	1	- name: Make sure we have a 'wheel' group
	2	group:
	3	name: wheel
	4	state: present
	5
	6	- name: Allow 'wheel' group to have passwordless sudo
	7	lineinfile:
	8	dest: /etc/sudoers
	9	state: present
	10	regexp: '^%wheel'
	11	line: '%wheel ALL=(ALL) NOPASSWD: ALL'
	12	validate: visudo -cf %s
	13
	14	- name: Add sudoers users to wheel group
	15	user:
	16	name: clarkzjw
	17	groups: wheel
	18	append: yes
	19
	20	- name: Set authorized keys taken from url
	21	authorized_key:
	22	user: clarkzjw
	23	state: present
	24	key: https://github.com/clarkzjw.keys
	25
	26	- name: Add Tailscale GPG apt Key
	27	apt_key:
	28	url: https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg
	29	keyring: /usr/share/keyrings/tailscale-archive-keyring.gpg
	30	state: present
	31
	32	- name: Add Tailscale Repository
	33	get_url:
	34	url: https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list
	35	dest: /etc/apt/sources.list.d/tailscale.list
	36
	37	- name: Install Tailscale
	38	apt:
	39	name:
	40	- tailscale
	41	update_cache: true
	42
	43	- name: Disable Root Login
	44	lineinfile:
	45	dest: /etc/ssh/sshd_config
	46	regexp: '^PermitRootLogin yes'
	47	line: "PermitRootLogin no"
	48	state: present
	49	backup: yes
	50
	51	- name: Restart SSHD
	52	systemd:
	53	name: ssh
	54	enabled: true
	55	state: restarted
	56	daemon_reload: true