Update the setup tasks

Signed-off-by: Noah Knegt <git@noahknegt.com>
2024-04-12 15:12:30 +02:00
parent f12f17658b
commit 2cdea1f6c3
12 changed files with 116 additions and 81 deletions
--- a/roles/setup/tasks/system/openssh.yml
+++ b/roles/setup/tasks/system/openssh.yml
@@ -9,20 +9,22 @@

 ---
 - name: Install or update openssh
-  package:
-    name: "{{ openssh_package }}"
-    state: latest
+  ansible.builtin.package:
+    name: "{{ setup_openssh_package }}"
+    state: present
  notify:
    - restart_sshd

- name: enable ssh daemon
-  service:
+- name: Enable ssh daemon
+  when: inventory_hostname in groups['datacenter']
+  ansible.builtin.service:
    name: "{{ openssh_service }}"
    state: started
    enabled: true

- name: configure sshd
-  template:
+- name: Configure sshd
+  when: inventory_hostname in groups['datacenter']
+  ansible.builtin.template:
    src: sshd_config.j2
    dest: /etc/ssh/sshd_config
    owner: root
@@ -31,10 +33,24 @@
  notify:
    - restart_sshd

- name: copy sshd banner
-  copy:
+- name: Copy sshd banner
+  ansible.builtin.copy:
    src: ssh_banner.net
    dest: /etc/issue.net
    owner: root
    group: root
    mode: 0644
+
+- name: Copy ssh public key
+  ansible.builtin.authorized_key:
+    user: ansible
+    key: "{{ item }}"
+  with_file:
+    - ansible/ansible.pub
+
+- name: Copy ssh public key
+  ansible.builtin.authorized_key:
+    user: noahk
+    key: "{{ item }}"
+  with_file:
+    - noahk/noahk.pub