From 61b24b7f9da768902886747ea70e5b91695edad0 Mon Sep 17 00:00:00 2001
From: clarkzjw <i@jinwei.me>
Date: Fri, 13 Jan 2023 15:43:30 -0800
Subject: fix init

---
 .../config/atlas/roles/init/tasks/main.yaml        | 32 ++++++++++++++++++++++
 1 file changed, 32 insertions(+)

(limited to 'clarkzjw.ca/config/atlas/roles/init')

diff --git a/clarkzjw.ca/config/atlas/roles/init/tasks/main.yaml b/clarkzjw.ca/config/atlas/roles/init/tasks/main.yaml
index cc69403..29cf529 100644
--- a/clarkzjw.ca/config/atlas/roles/init/tasks/main.yaml
+++ b/clarkzjw.ca/config/atlas/roles/init/tasks/main.yaml
@@ -22,3 +22,35 @@
     user: clarkzjw
     state: present
     key: https://github.com/clarkzjw.keys
+
+- name: Add Tailscale GPG apt Key
+  apt_key:
+    url: https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg
+    keyring: /usr/share/keyrings/tailscale-archive-keyring.gpg
+    state: present
+
+- name: Add Tailscale Repository
+  get_url:
+    url: https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list
+    dest: /etc/apt/sources.list.d/tailscale.list
+
+- name: Install Tailscale
+  apt:
+    name:
+      - tailscale
+    update_cache: true
+
+- name: Disable Root Login
+  lineinfile:
+    dest: /etc/ssh/sshd_config
+    regexp: '^PermitRootLogin yes'
+    line: "PermitRootLogin no"
+    state: present
+    backup: yes
+
+- name: Restart SSHD
+  systemd:
+    name: ssh
+    enabled: true
+    state: restarted
+    daemon_reload: true
-- 
cgit v1.2.3