25 lines
655 B
YAML
25 lines
655 B
YAML
- name: Bootstrap SSH access
|
|
hosts: all
|
|
become: true
|
|
|
|
tasks:
|
|
- name: Ensure .ssh directory exists
|
|
file:
|
|
path: "/home/{{ bootstrap_user }}/.ssh"
|
|
state: directory
|
|
owner: "{{ container_user }}"
|
|
group: "{{ container_group }}"
|
|
mode: "0700"
|
|
|
|
- name: Install authorized key
|
|
authorized_key:
|
|
user: "{{ bootstrap_user }}"
|
|
state: present
|
|
key: "{{ lookup('file', '~/.ssh/id_ed25519.pub') }}"
|
|
|
|
- name: Allow passwordless sudo
|
|
copy:
|
|
dest: /etc/sudoers.d/{{ bootstrap_user }}
|
|
content: "{{ bootstrap_user }} ALL=(ALL) NOPASSWD:ALL\n"
|
|
mode: "0440"
|