39 lines
1.1 KiB
YAML
39 lines
1.1 KiB
YAML
- name: set the timezone
|
|
timezone:
|
|
name: America/Los_Angeles
|
|
|
|
- name: install common packages
|
|
apt:
|
|
name: [mosh, htop, tmux, unattended-upgrades]
|
|
|
|
- name: remove stupid bullshit that the cloud provider may have installed
|
|
apt:
|
|
name: [ufw]
|
|
state: absent
|
|
|
|
- name: check which users exist
|
|
ansible.builtin.user:
|
|
name: "{{ item }}"
|
|
loop: ["root", "finn", "debian"]
|
|
check_mode: true
|
|
register: users
|
|
|
|
- name: Ensure SSH key is set
|
|
ansible.posix.authorized_key:
|
|
user: "{{ item.item }}"
|
|
state: present
|
|
key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJs5PJ6jQF7Sx3T1b1+NBXt4JRsnjGnWv8+bCf4RpwGM finn@taint
|
|
loop: "{{ users.results }}"
|
|
loop_control:
|
|
label: "{{ item.item }}"
|
|
when: item.state | d('') == 'present'
|
|
|
|
- name: Invalidate old SSH key
|
|
ansible.posix.authorized_key:
|
|
user: "{{ item.item }}"
|
|
state: absent
|
|
key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMaJrZWSrAYTaCoGhW+o8HivmBj5oZi7Dei73FtCl0d finn@taint
|
|
loop: "{{ users.results }}"
|
|
loop_control:
|
|
label: "{{ item.item }}"
|
|
when: item.state | d('') == 'present'
|