majic-ansible-roles Files · roles/bootstrap/tasks/main.yml

Files @ 7977a2033d9a

Branch filter:

Location: majic-ansible-roles/roles/bootstrap/tasks/main.yml

7977a2033d9a 753 B text/x-yaml Show Annotation Show as Raw Download as Raw

branko

Noticket: Fixed ldap_permissions module - if no olcAccess rules are defined, assume empty list (otherwise we get key lookup exception).

---

- name: Install sudo
  apt: name=sudo state=installed

- name: Set-up the Ansible group
  group: name=ansible system=yes

- name: Set-up the Ansible user
  user: name=ansible system=yes group=ansible shell=/bin/bash

- name: Set-up authorized key for the Ansible user
  authorized_key: user=ansible key="{{ ansible_key }}"

- name: Set-up password-less sudo for the ansible user
  copy: src=ansible_sudo dest=/etc/sudoers.d/ansible mode=640 owner=root group=root

- name: Revoke rights for Ansible user to log-in as root to server via ssh
  authorized_key: user=root key="{{ ansible_key }}" state=absent

- name: Explicitly run all handlers
  include: ../handlers/main.yml
  when: "handlers | default(False) | bool() == True"
  tags:
    - handlers