ansible/qotom.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

- hosts: qotom
  remote_user: root
  roles:
    - role: sane_debian_system
    - role: sshd
    - role: ssd
    - role: unix_users
    - role: puomi
  vars:
    ansible_python_interpreter: /usr/bin/python3

    sane_debian_system_version: 2
    sane_debian_system_hostname: "{{ inventory_hostname }}"
    sane_debian_system_codename: bullseye
    sane_debian_system_timezone: Europe/Helsinki

    unix_users_version: 2
    unix_users:
      - username: liw
        comment: Lars Wirzenius

    sshd_version: 1
    sshd_host_key: "{{ lookup('pipe', 'sshca host private-key qotom') }}"
    sshd_host_cert: "{{ lookup('pipe', 'sshca host certify liw.fi/ca/host/v4 qotom') }}"
    sshd_user_ca_pub: "{{ lookup('pipe', 'sshca ca public-key liw.fi/ca/user/v3') }}"