9 Commits

Author	SHA1	Message	Date
Jérémy Dubois	f0ecc79696	accounts: use "evobsd_internal_group" for SSH authentication	2022-01-05 11:16:18 +01:00
Jérémy Dubois	7046e193e0	Configure the ntpd.conf file and bump version	2021-07-19 15:27:57 +02:00
Jérémy Dubois	78686b8730	Stricter ssh and doas access - two separate groups actually needed ... Fix #34 again After some discussions, with actually need two separates groups : - One group for ssh access (evobsd_ssh_group) - One group for sudo/doas access (evobsd_sudo_group) We won't need any client group. A client user will be added to the ssh group, so that we won't have to think about what specific group a user need to be added in.	2020-10-15 11:01:52 +02:00
Jérémy Dubois	2bf8a7e872	Stricter ssh and doas access - better version ... Fix #34 We now use a unique evobsd_group (evolix by default). Each user has 2 groups : evobsd_group and user.name. Only evobsd_group can ssh to server and use doas. I also added a password restrictions block for IPs/group. And we make sure the home folder is only readable by owner.	2020-10-13 16:03:54 +02:00
Patrick Marchand	98089a3274	Fix yaml lint lines too long ... In some cases I used block scalars: https://yaml-multiline.info/ In other cases I added newlines In rare cases I just ignored the rule: https://yamllint.readthedocs.io/en/stable/disable_with_comments.html	2020-06-04 12:51:53 -04:00
Patrick Marchand	af7b3b36fe	Ansible-lint and yamllint ... Does not fix all warnings, but gets rid of the purely cosmetic ones. (roles/accounts/tasks/main.yml)	2020-05-22 11:49:18 -04:00
Patrick Marchand	67d6c0ab62	revert forgotten extra variables in main	2019-09-19 17:12:21 -04:00
Patrick Marchand	8b1ce861e3	Add stricter ssh and doas access	2019-09-19 17:07:01 -04:00
Tristan PILAT	b555fb1222	Add initial project	2018-12-28 11:23:49 +01:00