| Rev | Line | |
|---|
| [13835] | 1 | --- |
|---|
| 2 | # This ansible-playbook provisions a host to look more like |
|---|
| 3 | # freshly-from-hetzner. |
|---|
| 4 | # |
|---|
| 5 | # What it does: |
|---|
| 6 | # enable root access via password (password: 'vagrant') |
|---|
| 7 | # What it *not* does: |
|---|
| 8 | # remove vagrant user (needed for provisions done in here) |
|---|
| 9 | # |
|---|
| 10 | # This playbook should be called by vagrant as part of |
|---|
| 11 | # host setup. |
|---|
| 12 | # |
|---|
| 13 | - hosts: all |
|---|
| 14 | become: yes |
|---|
| 15 | remote_user: root |
|---|
| 16 | handlers: |
|---|
| 17 | - name: restart sshd |
|---|
| 18 | service: name=ssh state=restarted |
|---|
| 19 | |
|---|
| 20 | tasks: |
|---|
| 21 | - name: "Tell uname" |
|---|
| 22 | command: uname -a |
|---|
| 23 | |
|---|
| 24 | - name: "Enable sshd root access with password" |
|---|
| 25 | lineinfile: dest=/etc/ssh/sshd_config |
|---|
| 26 | regexp="^PermitRootLogin" |
|---|
| 27 | line="PermitRootLogin yes" |
|---|
| 28 | owner="root" |
|---|
| 29 | group="root" |
|---|
| 30 | state="present" |
|---|
| 31 | notify: |
|---|
| 32 | - restart sshd |
|---|
| 33 | |
|---|
| 34 | - name: "Set root password to 'vagrant'" |
|---|
| 35 | user: name=root |
|---|
| 36 | update_password=always |
|---|
| 37 | password="$6$oTFfb32l$mGKYqJsXpH/A03SIY.Y03XcROSP1ElwgvvvUcuywBqvVDr6fBe7QAKSBHgzRhjJ//ngXHUr95YRQityCnOyOH1" |
|---|
| 38 | |
|---|
| 39 | - name: "Unlock root account." |
|---|
| 40 | command: passwd -u root |
|---|
| [13841] | 41 | |
|---|
| 42 | - name: "vagrant-provision | restart sshd" |
|---|
| 43 | service: name="ssh" enabled=yes state=restarted |
|---|
Note: See
TracBrowser for help on using the repository browser.
