...
 
Commits (2)
...@@ -86,6 +86,11 @@ Ce playbook réalise les opérations usuelles après une installation de machine ...@@ -86,6 +86,11 @@ Ce playbook réalise les opérations usuelles après une installation de machine
* Activation de l'accès par le LDAP; * Activation de l'accès par le LDAP;
* Installation de ZSH; * Installation de ZSH;
* Installation de Vim; * Installation de Vim;
* Installation de Molly-guard;
* Installation de Htop;
* Installation de Mtr-tiny;
* Installation de Lnav;
* Installation de Nload;
* Installation d'apticron; * Installation d'apticron;
* Déploiement du motd Rézo. * Déploiement du motd Rézo.
......
...@@ -26,6 +26,21 @@ ...@@ -26,6 +26,21 @@
- name: Install vim - name: Install vim
apt: apt:
name: vim name: vim
- name: Install Molly-Guard
apt:
name: molly-guard
- name: Install Htop
apt:
name: htop
- name: Install Mtr
apt:
name: mtr-tiny
- name: Install Lnav
apt:
name: lnav
- name: Install Nload
apt:
name: nload
- include_role: - include_role:
name: sendmail name: sendmail
- include_role: - include_role:
......
- name: Install libnss-ldapd - name: Install libnss-ldapd
apt: apt:
name: libnss-ldapd,libpam-ldapd,nslcd name: libnss-ldapd,libpam-ldapd,nslcd
- name: Stop nscd service
service:
name: nscd
state: stopped
- name: Copy nsswitch.conf - name: Copy nsswitch.conf
copy: copy:
dest: /etc/nsswitch.conf dest: /etc/nsswitch.conf
src: nsswitch.conf src: nsswitch.conf
mode: 0640 mode: 0640
register: nsswitch
- name: configure nslcd - name: configure nslcd
template: template:
src: nslcd.conf.j2 src: nslcd.conf.j2
dest: /etc/nslcd.conf dest: /etc/nslcd.conf
mode: 0640 mode: 0640
register: nslcd
- name: Restart nslcd service - name: Restart nslcd service
service: service:
name: nslcd name: nslcd
state: restarted state: restarted
- name: Start nscd service when: nsswitch.changed or nslcd.changed
- name: Restart nscd service
service: service:
name: nscd name: nscd
state: started state: started
when: nsswitch.changed or nslcd.changed
- name: Allow rezo group to ssh on the server - name: Allow rezo group to ssh on the server
lineinfile: lineinfile:
dest: /etc/ssh/sshd_config dest: /etc/ssh/sshd_config
line: AllowGroups ssh rezo line: AllowGroups ssh rezo
register: allow_rezo
- name: Add root to the ssh group - name: Add root to the ssh group
user: user:
name: root name: root
group: ssh group: ssh
append: yes append: yes
register: root_ssh
- name: Restart ssh - name: Restart ssh
service: service:
name: ssh name: ssh
state: restarted state: restarted
when: allow_rezo.changed or root_ssh.changed
- name: Create /home/ at first login - name: Create /home/ at first login
lineinfile: lineinfile:
dest: /etc/pam.d/common-session dest: /etc/pam.d/common-session
......