valleyforge/resist-vpn-infra
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
resist-vpn-infra/roles/ssh_users/tasks/main.yml
Sparticus 28db1d2104 CIS + inital
2026-01-26 21:22:41 -05:00

32 lines
1.1 KiB
YAML
Raw Permalink Blame History

---
# SSH Users Role - Main Tasks
- name: Include user creation tasks
ansible.builtin.include_tasks: create_users.yml
when: admin_users | length > 0
- name: Include SSH key generation tasks
ansible.builtin.include_tasks: generate_keys.yml
when: admin_users | length > 0
- name: Include sudo configuration tasks
ansible.builtin.include_tasks: sudo.yml
- name: Include root restrictions tasks
ansible.builtin.include_tasks: root_restrictions.yml
- name: Include password policy tasks
ansible.builtin.include_tasks: password_policy.yml
- name: Display user management summary
ansible.builtin.debug:
msg:
- "========================================="
- "SSH User Management Complete"
- "========================================="
- "Admin users created: {{ admin_users | map(attribute='username') | list | join(', ') }}"
- "Root SSH login: {{ 'DISABLED' if disable_root_login else 'ENABLED' }}"
- "Sudo without password: {{ 'ENABLED' if sudo_nopasswd else 'DISABLED' }}"
- "SSH keys saved to: {{ ssh_keys_local_dir }}"
- "========================================="
Reference in New Issue View Git Blame Copy Permalink