source: main/waeup-ansible/vhost-bootstrap.yml @ 15554

Last change on this file since 15554 was 14923, checked in by uli, 7 years ago

Add a bootstrapper for vhosts.

File size: 939 bytes
RevLine 
[14923]1---
2# This ansible-playbook prepares freshly initiated vagrant
3# servers for work with ansible.
4#
5# It should be played as first thing after running `vagrant`
6# on the remote host.
7#
8# The documentation for this playbook is in `README.vhosts.rst`.  Please read
9# it! Do not run this playbook without having read the README.
10#
11- hosts: yet-untouched
12  become: yes
13  vars:
14    # Enable root access via SSH? Set to false not before user
15    # accounts are active.
16    permit_ssh_root: false
17
18  roles:
19  - openssh
20
21  handlers:
22  - name: "Restart sshd"
23    service:
24      name="ssh"
25      enabled=yes
26      state=restarted
27
28  tasks:
29  - name: Disable SSH root access
30    # make sure this is not run before you can log in otherwise!
31    lineinfile:
32      dest=/etc/ssh/sshd_config
33      backrefs=yes
34      line='PermitRootLogin no'
35      regexp='^PermitRootLogin yes'
36      state=present
37    notify: "restart sshd"
38    when: not permit_ssh_root
Note: See TracBrowser for help on using the repository browser.