3 # Licensed under the Apache License, Version 2.0 (the "License");
4 # you may not use this file except in compliance with the License.
5 # You may obtain a copy of the License at
7 # http://www.apache.org/licenses/LICENSE-2.0
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS,
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 # See the License for the specific language governing permissions and
13 # limitations under the License.
16 - name: Create Sudo user and ssh key pair for it.
18 name: "{{ sudo_user }}"
19 password: "{{ sudo_user_password }}"
22 ssh_key_file: .ssh/id_rsa
26 - name: Add to sudoer list
28 content: "{{ sudo_user }} ALL=(ALL) NOPASSWD:ALL"
29 dest: "/etc/sudoers.d/{{ sudo_user }}"
32 - name: Fetch the generated public ssh key
34 src: "/home/{{ sudo_user }}/.ssh/id_rsa.pub"
35 dest: "/tmp/id_rsa.pub"
37 when: inventory_hostname == groups['all'][0]
41 - name: Ensure root's new public ssh key is in authorized_keys
43 user: "{{ sudo_user }}"
44 key: "{{ lookup('file','/tmp/id_rsa.pub') }}"
49 - name: Ensure there is a private key /etc/userconfig/id_rsa in virtual env. Provide read permissions to all users
51 path: "/etc/userconfig/id_rsa"
53 when: facter_virtual == "kvm"
55 - name: Ensure root has a .ssh directory
62 when: facter_virtual == "kvm"
64 - name: Copy /etc/userconfig/id_rsa /root/.ssh/id_rsa
66 src: /etc/userconfig/id_rsa
67 dest: /root/.ssh/id_rsa
71 when: facter_virtual == "kvm"
73 - name: Default http config listens on port 80, comment it.
75 path: "/etc/httpd/conf/httpd.conf"