# Install the LDAP client stack: the NSS module (libnss-ldapd), the PAM
# module (libpam-ldapd) and the nslcd daemon that both of them talk to.
- name: Install libnss-ldapd
  apt:
    # A YAML list is equivalent to the comma-separated string form.
    name:
      - libnss-ldapd
      - libpam-ldapd
      - nslcd
    # `present` is the module default; spelled out so the intent is explicit.
    state: present
# Ship the role's static nsswitch.conf and record whether it changed, so the
# restart tasks further down only fire on a real change.
- name: Copy nsswitch.conf
  copy:
    src: nsswitch.conf
    dest: /etc/nsswitch.conf
    # Quoted so the mode is always read as an octal string, never as a number.
    # NOTE(review): nsswitch.conf holds no secrets and is normally
    # world-readable (0644); with 0640 and no owner/group set here,
    # unprivileged processes may be unable to read it - confirm this is
    # intended.
    mode: '0640'
  register: nsswitch
# Render /etc/nslcd.conf from the role template and record whether it changed.
- name: configure nslcd
  template:
    dest: /etc/nslcd.conf
    src: nslcd.conf.j2
    # Quoted octal string: 0640 gives "other" users no access to the file.
    # No owner/group is set in this task.
    # NOTE(review): the template is not visible here - if it carries an LDAP
    # bind password, also pin owner/group explicitly and confirm that the
    # nslcd daemon can still read the file.
    mode: '0640'
  register: nslcd
# Restart nslcd only when nsswitch.conf or nslcd.conf was actually modified.
- name: Restart nslcd service
  when: nsswitch is changed or nslcd is changed
  service:
    state: restarted
    name: nslcd
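# Restart nscd after a config change so it drops cached passwd/group answers
# that were resolved under the previous configuration.
- name: Restart nscd service
  service:
    name: nscd
    # Was `started`, which leaves an already-running nscd untouched and so
    # never performs the restart the task name promises.
    state: restarted
  # NOTE(review): nscd is not in the package list installed by this file;
  # presumably it arrives as a dependency - confirm, or install it explicitly.
  when: nsswitch.changed or nslcd.changed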
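# Restrict SSH logins to members of the `ssh` and `rezo` groups.
- name: Allow rezo group to ssh on the server
  lineinfile:
    path: /etc/ssh/sshd_config
    line: AllowGroups ssh rezo
    # Test the candidate file before it replaces the live one: a broken
    # sshd_config followed by a restart can lock every administrator out.
    validate: /usr/sbin/sshd -t -f %s
  # NOTE(review): without `regexp`, the line is appended at end of file when
  # missing; if sshd_config ends with a `Match` block the directive would only
  # apply inside that block - confirm against the deployed file.
  register: allow_rezo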
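# Make root a member of `ssh` so that it still passes the AllowGroups
# restriction this file writes to sshd_config.
- name: Add root to the ssh group
  user:
    name: root
    # `groups` (supplementary) instead of `group` (primary): the original
    # `group: ssh` replaced root's primary group, and `append` has no effect
    # on `group`.
    groups: ssh
    # Keep root's existing supplementary groups and only add `ssh`.
    append: true
  # NOTE(review): whether root can actually log in over SSH still depends on
  # PermitRootLogin, which this file does not set.
  # The `ssh` group is assumed to exist already - TODO confirm.
  register: root_ssh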
# Restart sshd only when the AllowGroups line or root's group membership
# was actually modified.
- name: Restart ssh
  when: allow_rezo is changed or root_ssh is changed
  service:
    state: restarted
    name: ssh
# Have PAM create a missing home directory when a user opens a session.
- name: Create /home/ at first login
  lineinfile:
    # `path` is the same option as `dest` under its other name.
    path: /etc/pam.d/common-session
    # NOTE(review): umask=0022 yields world-readable home directories (0755);
    # umask=0077 would keep them private - confirm which one is wanted.
    line: 'session required pam_mkhomedir.so skel=/etc/skel umask=0022'
    # `present` is the module default; spelled out so the intent is explicit.
    state: present
# Give every member of the `adm` group unrestricted sudo.
- name: Set the adm group as admins
  lineinfile:
    path: /etc/sudoers
    line: '%adm ALL=(ALL:ALL) ALL'
    # visudo syntax-checks the candidate file before it replaces /etc/sudoers.
    validate: 'visudo -q -c -f %s'
    # Keep a timestamped copy of the previous sudoers next to the original.
    backup: true
  # NOTE(review): if `adm` membership can come from the LDAP directory this
  # file sets the host up to use, whoever can edit that group in LDAP gains
  # root on this host - confirm this is the intended trust model.