---
# Install and configure main LDAP tools
- include_tasks: install_ldap.yml

# Filter who can access server and sudo on groups
- include_tasks: 1_group_security.yml

# Some userland scripts specific to LDAP install
- include_tasks: 2_userland_scripts.yml

# Create a user's home directory at login through pam_mkhomedir.
# umask=0077 leaves the new directory accessible to its owner only.
# The "session" line is written to common-account, not common-session;
# presumably because of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=568577
# NOTE(review): confirm this placement is still needed on the target release.
- name: Ensure home directories are created upon login
  lineinfile:
    dest: /etc/pam.d/common-account
    # Replaces an existing pam_mkhomedir line if one is present, else appends.
    regexp: 'pam_mkhomedir\.so'
    line: 'session required pam_mkhomedir.so skel=/etc/skel/ umask=0077'

# Fallback access for root if LDAP crashes.
# These keys grant root on the host, so control who can set ssh_pub_keys.
- name: Install SSH keys for root account
  authorized_key:
    user: root
    # With exclusive set, this must hold the complete key set as one string
    # (newline-separated); the option is not loop-aware.
    key: "{{ ssh_pub_keys }}"
    state: present
    # Removes every key in root's authorized_keys that is not listed in "key".
    exclusive: true