aboutsummaryrefslogtreecommitdiff
blob: 29cf529daaea3ea118837d9313c310a76e9052ed (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
- name: Make sure we have a 'wheel' group
  group:
    name: wheel
    state: present

- name: Allow 'wheel' group to have passwordless sudo
  lineinfile:
    dest: /etc/sudoers
    state: present
    regexp: '^%wheel'
    line: '%wheel ALL=(ALL) NOPASSWD: ALL'
    validate: visudo -cf %s

- name: Add sudoers users to wheel group
  user:
    name: clarkzjw
    groups: wheel
    append: yes

- name: Set authorized keys taken from url
  authorized_key:
    user: clarkzjw
    state: present
    key: https://github.com/clarkzjw.keys

- name: Add Tailscale GPG apt Key
  apt_key:
    url: https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg
    keyring: /usr/share/keyrings/tailscale-archive-keyring.gpg
    state: present

- name: Add Tailscale Repository
  get_url:
    url: https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list
    dest: /etc/apt/sources.list.d/tailscale.list

- name: Install Tailscale
  apt:
    name:
      - tailscale
    update_cache: true

- name: Disable Root Login
  lineinfile:
    dest: /etc/ssh/sshd_config
    regexp: '^PermitRootLogin yes'
    line: "PermitRootLogin no"
    state: present
    backup: yes

- name: Restart SSHD
  systemd:
    name: ssh
    enabled: true
    state: restarted
    daemon_reload: true
Powered by cgit v1.2.3 (git 2.41.0)