diff options
| -rw-r--r-- | inventory/group_vars/all/main.yml | 4 | ||||
| -rw-r--r-- | inventory/host_vars/ele-laptop.yml | 2 | ||||
| -rw-r--r-- | inventory/host_vars/ele-lt.yml | 2 | ||||
| -rw-r--r-- | roles/apt-repo/base/tasks/main.yml | 3 | ||||
| -rw-r--r-- | roles/apt-repo/blackmagic/tasks/main.yml | 5 | ||||
| -rw-r--r-- | roles/apt-repo/kubernetes/tasks/main.yml | 5 | ||||
| -rw-r--r-- | roles/apt-repo/riot/tasks/main.yml | 5 | ||||
| -rw-r--r-- | roles/apt-repo/spreadspace/tasks/main.yml | 5 | ||||
| -rw-r--r-- | roles/apt-repo/tor-project/tasks/main.yml | 5 | ||||
| -rw-r--r-- | roles/core/base/tasks/Debian.yml | 2 | ||||
| -rw-r--r-- | roles/core/sshd/defaults/main.yml | 2 | ||||
| -rw-r--r-- | roles/core/sshd/tasks/main.yml | 6 | ||||
| -rw-r--r-- | roles/docker/tasks/docker-com.yml | 5 | ||||
| -rw-r--r-- | roles/elevate/liquidtruth/tasks/nodejs.yml | 5 |
14 files changed, 11 insertions, 45 deletions
diff --git a/inventory/group_vars/all/main.yml b/inventory/group_vars/all/main.yml index 9f2d773d..afec7b49 100644 --- a/inventory/group_vars/all/main.yml +++ b/inventory/group_vars/all/main.yml @@ -12,10 +12,10 @@ ssh_users_root: ssh_keys_root: "{{ ssh_users_root | default([]) | map('extract', users) | map(attribute='ssh') | flatten | list }}" admin_users_host: [] -ssh_allowusers_host: "{{ admin_users_host }}" +sshd_allowusers_host: "{{ admin_users_host }}" admin_users_group: [] -ssh_allowusers_group: "{{ admin_users_group }}" +sshd_allowusers_group: "{{ admin_users_group }}" apt_repo_provider: default diff --git a/inventory/host_vars/ele-laptop.yml b/inventory/host_vars/ele-laptop.yml index 5227a93a..b1df8905 100644 --- a/inventory/host_vars/ele-laptop.yml +++ b/inventory/host_vars/ele-laptop.yml @@ -1,3 +1,3 @@ --- -ssh_allowusers_host: +sshd_allowusers_host: - equinox diff --git a/inventory/host_vars/ele-lt.yml b/inventory/host_vars/ele-lt.yml index 9f8e1edc..5ef66f54 100644 --- a/inventory/host_vars/ele-lt.yml +++ b/inventory/host_vars/ele-lt.yml @@ -11,7 +11,7 @@ network: {} liquidtruth_app_user: lt -ssh_allowusers_host: +sshd_allowusers_host: - "{{ liquidtruth_app_user }}" diff --git a/roles/apt-repo/base/tasks/main.yml b/roles/apt-repo/base/tasks/main.yml index a58a9c5b..44110380 100644 --- a/roles/apt-repo/base/tasks/main.yml +++ b/roles/apt-repo/base/tasks/main.yml @@ -6,8 +6,9 @@ notify: update apt cache ## aptitude is needed for package upgrade roles -- name: install aptitude +- name: install aptitude and https transport apt: name: - aptitude + - apt-transport-https state: present diff --git a/roles/apt-repo/blackmagic/tasks/main.yml b/roles/apt-repo/blackmagic/tasks/main.yml index 01cf9c99..3152d7b8 100644 --- a/roles/apt-repo/blackmagic/tasks/main.yml +++ b/roles/apt-repo/blackmagic/tasks/main.yml @@ -1,9 +1,4 @@ --- -- name: install apt https transport - apt: - name: apt-transport-https - state: present - - name: install repo key copy: src: repo.gpg diff --git a/roles/apt-repo/kubernetes/tasks/main.yml b/roles/apt-repo/kubernetes/tasks/main.yml index f2bdc0fb..0226a3ff 100644 --- a/roles/apt-repo/kubernetes/tasks/main.yml +++ b/roles/apt-repo/kubernetes/tasks/main.yml @@ -1,9 +1,4 @@ --- -- name: install apt https transport - apt: - name: apt-transport-https - state: present - - name: add repository key copy: src: repo.gpg diff --git a/roles/apt-repo/riot/tasks/main.yml b/roles/apt-repo/riot/tasks/main.yml index 749ac685..060cc8e3 100644 --- a/roles/apt-repo/riot/tasks/main.yml +++ b/roles/apt-repo/riot/tasks/main.yml @@ -1,9 +1,4 @@ --- -- name: install apt https transport - apt: - name: apt-transport-https - state: present - - name: add repository key copy: src: repo.gpg diff --git a/roles/apt-repo/spreadspace/tasks/main.yml b/roles/apt-repo/spreadspace/tasks/main.yml index 6c3c163f..0b3f3cd6 100644 --- a/roles/apt-repo/spreadspace/tasks/main.yml +++ b/roles/apt-repo/spreadspace/tasks/main.yml @@ -1,9 +1,4 @@ --- -- name: install apt https transport - apt: - name: apt-transport-https - state: present - - name: add repository key copy: src: repo.gpg diff --git a/roles/apt-repo/tor-project/tasks/main.yml b/roles/apt-repo/tor-project/tasks/main.yml index eef39c19..2283e41a 100644 --- a/roles/apt-repo/tor-project/tasks/main.yml +++ b/roles/apt-repo/tor-project/tasks/main.yml @@ -1,9 +1,4 @@ --- -- name: install apt https transport - apt: - name: apt-transport-https - state: present - - name: add repository key copy: src: repo.gpg diff --git a/roles/core/base/tasks/Debian.yml b/roles/core/base/tasks/Debian.yml index 13c3c9f9..bec27bf9 100644 --- a/roles/core/base/tasks/Debian.yml +++ b/roles/core/base/tasks/Debian.yml @@ -104,11 +104,11 @@ ignoreerrors: yes - name: set kernel command line options + when: install is defined and install.kernel_cmdline is defined lineinfile: path: /etc/default/grub regexp: '^#?GRUB_CMDLINE_LINUX=' line: 'GRUB_CMDLINE_LINUX="{{ install.kernel_cmdline | join(" ") }}"' - when: install is defined and install.kernel_cmdline is defined notify: update grub - name: apply stability fix/workaround for machines using intel NIC diff --git a/roles/core/sshd/defaults/main.yml b/roles/core/sshd/defaults/main.yml index 8b25827b..50cc0f15 100644 --- a/roles/core/sshd/defaults/main.yml +++ b/roles/core/sshd/defaults/main.yml @@ -1,2 +1,2 @@ --- -ssh_allow_any_user: False +sshd_allow_any_user: false diff --git a/roles/core/sshd/tasks/main.yml b/roles/core/sshd/tasks/main.yml index 24476f75..ef0e9a81 100644 --- a/roles/core/sshd/tasks/main.yml +++ b/roles/core/sshd/tasks/main.yml @@ -27,15 +27,15 @@ notify: restart ssh - name: limit allowed users - when: not ssh_allow_any_user + when: not sshd_allow_any_user lineinfile: dest: /etc/ssh/sshd_config regexp: "^AllowUsers\\s" - line: "AllowUsers {{ ' '.join([ 'root' ] | union(ssh_allowusers_group) | union(ssh_allowusers_host)) }}" + line: "AllowUsers {{ ' '.join([ 'root' ] | union(sshd_allowusers_group) | union(sshd_allowusers_host)) }}" notify: restart ssh - name: allow any user - when: ssh_allow_any_user + when: sshd_allow_any_user lineinfile: dest: /etc/ssh/sshd_config regexp: "^AllowUsers\\s" diff --git a/roles/docker/tasks/docker-com.yml b/roles/docker/tasks/docker-com.yml index be8ac6ab..92e9b002 100644 --- a/roles/docker/tasks/docker-com.yml +++ b/roles/docker/tasks/docker-com.yml @@ -1,9 +1,4 @@ --- -- name: install apt https transport - apt: - name: apt-transport-https - state: present - - name: add repository key copy: src: docker-com.gpg diff --git a/roles/elevate/liquidtruth/tasks/nodejs.yml b/roles/elevate/liquidtruth/tasks/nodejs.yml index a6361dde..78063298 100644 --- a/roles/elevate/liquidtruth/tasks/nodejs.yml +++ b/roles/elevate/liquidtruth/tasks/nodejs.yml @@ -1,9 +1,4 @@ --- -- name: install apt https transport - apt: - name: apt-transport-https - state: present - - name: add repository key copy: src: nodesource.gpg |