34 lines
891 B
YAML
34 lines
891 B
YAML
- name: Add backup share user
|
|
user:
|
|
name: "{{ backup_share_user }}"
|
|
create_home: false
|
|
password: '!'
|
|
shell: /sbin/nologin
|
|
system: true
|
|
- name: Add backup control user
|
|
user:
|
|
name: "{{ backup_control_user }}"
|
|
password: '!'
|
|
shell: /usr/bin/sh
|
|
system: true
|
|
groups: "libvirt"
|
|
- name: Copy control script
|
|
copy:
|
|
src: "backup_control.sh"
|
|
dest: "/home/{{ backup_control_user }}/control.sh"
|
|
owner: "{{ backup_control_user }}"
|
|
group: "{{ backup_control_user }}"
|
|
mode: u=rx,g=rx,o=rx
|
|
- name: Add backup user principals file
|
|
copy:
|
|
dest: "/etc/ssh/backup_principals"
|
|
content: "backup"
|
|
- name: Install user CA
|
|
copy:
|
|
dest: "/etc/ssh/user_ca_key.pub"
|
|
content: "{{ user_ca }}"
|
|
- name: Copy ssh config for backup user
|
|
template:
|
|
src: "sshd.conf.j2"
|
|
dest: "/etc/ssh/sshd_config.d/custom.conf"
|
|
notify: restart sshd
|