Jérémy Dubois
dc2707c004
Fix typo
continuous-integration/drone/push Build is failing
2020-10-13 16:16:52 +02:00
Jérémy Dubois
2bf8a7e872
Stricter ssh and doas access - better version
...
continuous-integration/drone/push Build is failing
Fix #34
We now use a unique evobsd_group (evolix by default).
Each user has 2 groups : evobsd_group and user.name.
Only evobsd_group can ssh to server and use doas.
I also added a password restrictions block for IPs/group.
And we make sure the home folder is only readable by owner.
2020-10-13 16:03:54 +02:00
Patrick Marchand
98089a3274
Fix yaml lint lines too long
...
continuous-integration/drone/push Build is failing
continuous-integration/drone/pr Build is failing
In some cases I used block scalars: https://yaml-multiline.info/
In other cases I added newlines
In rare cases I just ignored the rule: https://yamllint.readthedocs.io/en/stable/disable_with_comments.html
2020-06-04 12:51:53 -04:00
Patrick Marchand
af7b3b36fe
Ansible-lint and yamllint
...
Does not fix all warnings, but gets rid of the purely cosmetic ones.
(roles/accounts/tasks/main.yml)
2020-05-22 11:49:18 -04:00
Jérémy Dubois
10d56cad1e
Correction of the stricter ssh access commit
...
evolinux_ssh_group was missing
2020-04-21 11:27:43 +02:00
Patrick Marchand
8b1ce861e3
Add stricter ssh and doas access
2019-09-19 17:07:01 -04:00
Patrick Marchand
846e9aba0e
Adds admin tag back to ssh-key task
2019-01-18 15:05:37 -05:00
Patrick Marchand
77269a2c3f
Fixed problem with ssh keys
...
ssh key variable is a list of keys, not a single key. Use a loop
and the authorized keys module to fix this.
2019-01-18 09:30:42 -05:00
Tristan PILAT
b555fb1222
Add initial project
2018-12-28 11:23:49 +01:00