Differences

This shows you the differences between two versions of the page.

--- ansible:ansible_playbook_example [2025/01/13 16:58]
manu [SSH config]
+++ ansible:ansible_playbook_example [2025/01/13 17:22] (current)
manu [SSH config]
@@ Line 425: / Line 425: @@
        name: sshd
        state: restarted
+</code>
+<code>
+---
+- hosts: all
+  tasks:
+  - name: sshd configuration file update
+    blockinfile:
+      path: /etc/ssh/sshd_config
+      insertbefore: BOF # Beginning of the file
+      marker: "# {mark} ANSIBLE MANAGED BLOCK BY LINUX-ADMIN"
+      block: |
+        PermitRootLogin no
+        PubkeyAuthentication yes
+        AuthorizedKeysFile .ssh/authorized_keys
+        PasswordAuthentication no
+      backup: yes
+      validate: /usr/sbin/sshd -T -f %s
+  - name: Restart SSHD
+    service:
+      name: sshd
+      state: restarted
+</code>
+===== SUDO config =====
+<code>
+    - name: Setup passwordless sudo
+      lineinfile:
+        path: /etc/sudoers
+        state: present
+        regexp: '^%sudo'
+        line: '%sudo ALL=(ALL) NOPASSWD: ALL'
+        validate: '/usr/sbin/visudo -cf %s'
+    - name: Create a new regular user with sudo privileges
+      user:
+        name: "{{ created_username }}"
+        state: present
+        groups: sudo
+        append: true
+        create_home: true
 </code>
 https://zakirpcs.medium.com/ssh-hardening-using-ansible-playbook-9717a2e3edfc

wiki