technolog/ansible
1
0
Fork 0
Code Issues Pull Requests Activity

compliance ansible state indent

Browse Source
This commit is contained in:
iRaven
2025-11-30 17:48:23 -06:00
parent 1c22412a19
commit 4e220486ff
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
linux/compliance_Alpine.yaml
View File

@@ -5,12 +5,14 @@
ansible.builtin.getent: ansible.builtin.getent:
database: group database: group
split: ':' split: ':'
# Add doas package # Add doas package
- name: Install doas (for Alpine systems). - name: Install doas (for Alpine systems).
ansible.builtin.package: ansible.builtin.package:
name: name:
- doas - doas
state: present state: present
# User account (ansible) configuration # User account (ansible) configuration
- name: Add deployment user. - name: Add deployment user.
user: user:
@@ -22,6 +24,7 @@
groups: wheel groups: wheel
append: yes append: yes
when: "'wheel' in ansible_facts.getent_group" when: "'wheel' in ansible_facts.getent_group"
# Ansible user SSH pub key # Ansible user SSH pub key
# This is a really stupid way to do it, but alas. # This is a really stupid way to do it, but alas.
# This uses an environment variable named ansiblesvc_key in Semaphore which has the ssh-rsa pubkey. # This uses an environment variable named ansiblesvc_key in Semaphore which has the ssh-rsa pubkey.
@@ -37,6 +40,7 @@
dest: /home/ansible/.ssh/authorized_keys dest: /home/ansible/.ssh/authorized_keys
owner: ansible owner: ansible
group: ansible group: ansible
# Add required packages because Debian is lame # Add required packages because Debian is lame
- name: Install standard packages if not already installed. - name: Install standard packages if not already installed.
# Looking at you LXCs. >.> # Looking at you LXCs. >.>
@@ -49,6 +53,7 @@
- python3 - python3
- iftop - iftop
state: present state: present
# Give ansible doas rights with no password required. # Give ansible doas rights with no password required.
- name: Add doas rights with no password for deployment user (Alpine only) - name: Add doas rights with no password for deployment user (Alpine only)
lineinfile: lineinfile: