2021-12-12 05:56:26 +01:00
|
|
|
#!/usr/bin/env ansible-playbook
|
|
|
|
|
---
|
2022-02-08 09:38:21 +01:00
|
|
|
- hosts: all,!unifi
|
2021-12-12 05:56:26 +01:00
|
|
|
vars:
|
2021-12-12 06:08:27 +01:00
|
|
|
openssh_users_ca_public_key:
|
|
|
|
|
"ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAAB\
|
|
|
|
|
hBIpT7d7WeR88bs53KkNkZNOzkPJ7CQ5Ui6Wl9LXzAjjIdH+hKJieBMHrKew7+kzxGYaTqXW\
|
|
|
|
|
F1fQWsACG6aniy7VZpsdgTaNw7qr9frGfmo950V7IlU6w1HRc5c+3oVBWpg=="
|
2021-12-12 05:56:26 +01:00
|
|
|
openssh_authorized_principals:
|
|
|
|
|
- any
|
|
|
|
|
- "{{ inventory_hostname }}"
|
2022-02-08 09:38:21 +01:00
|
|
|
openssh_whitelist_groups: "{{ ['adherent']
|
|
|
|
|
if inventory_hostname == 'camelot.adm.auro.re'
|
|
|
|
|
else [] }}"
|
|
|
|
|
openssh_allow_passwords: "{{ inventory_hostname == 'camelot.adm.auro.re' }}"
|
2021-12-12 05:56:26 +01:00
|
|
|
roles:
|
|
|
|
|
- openssh_server
|
|
|
|
|
...
|
