ansible-roles

Author	SHA1	Message	Date
Jérémy Lecour	ec5b792b02	evolinux-users: Add users to group for SSH on Debian 9+	2018-04-16 00:09:39 +02:00
Jérémy Lecour	866d3917be	evolinux: improve case switching A case was missing : no AllowUsers/AllowGroups, on Debian 9	2018-04-16 00:09:39 +02:00
Jérémy Lecour	cb77509da4	evolinux-users: really look for evomaintenance The file was missing in the grep command :/	2018-04-16 00:09:39 +02:00
Jérémy Lecour	65353394ef	evolinux-users: better names for a fewtasks	2018-04-16 00:09:39 +02:00
Jérémy Lecour	0ea48a1b3d	evolinux-users: sudoers file should be 0440 also in Stretch	2018-04-16 00:09:39 +02:00
Jérémy Lecour	eae42d3f03	evolinux-users: use command instead of shell when possible	2018-04-16 00:09:39 +02:00
Jérémy Lecour	9a68f757aa	whitespaces	2018-04-16 00:09:39 +02:00
Jérémy Lecour	1d8fc48fa2	evolinux-users: use assert instead of fail	2018-04-16 00:09:39 +02:00
Jérémy Lecour	fa3c79bd0d	evolinux-users: regroup tasks 1. create all accounts 2. configure sudo for everyone 3. configure ssh for everyone	2018-04-16 00:09:39 +02:00
Jérémy Lecour	32a888ca01	Use AllowGroups mode also if no AllowUsers is present at all	2018-04-16 00:09:38 +02:00
Jérémy Lecour	97ee6a71b1	evolinux-users: rename included files	2018-04-16 00:09:38 +02:00
Jérémy Lecour	fb3efabae6	evolinux-users: split AllowGroups/AllowUsers modes If an AllowGroups directive is found or when using Debian 9+, we use the AllowGroups directive and comment AllowUsers that may be already present. When adding a user, we make sure that the allowed group exists and the use is in that group, to be sure that at least this user is allowed to connect. In other situations, we use the AllowUsers directive.	2018-04-16 00:09:38 +02:00
Jérémy Lecour	46a6a35486	evolinux-users: add check_minifirewall in sudoers commands	2018-04-06 10:36:48 +02:00
Jérémy Lecour	8abed3e258	Use "command" instead of "shell" where possible	2018-04-04 23:36:00 +02:00
Jérémy Lecour	84924c38f4	evolinux-users: create .profile for evomaintenance if missing	2018-03-13 09:37:27 +01:00
Jérémy Lecour	097f732922	evolinux-users: evomaintenance trap detection also with check_mode	2018-02-08 15:33:28 +01:00
Jérémy Lecour	c18b83d974	evolinux-users: deal with AllowGroups and AllowUsers differently	2018-02-08 15:29:53 +01:00
Jérémy Lecour	290dfd300a	evolinux-users: add users to adm group for Stretch	2017-12-28 11:01:31 +01:00
Jérémy Lecour	b7cede7654	Don't add the trap if it is present or commented	2017-10-17 18:07:51 +02:00
Jérémy Lecour	71cd04029c	Insert "Match User" if missing (Jessie only)	2017-10-17 10:28:49 +02:00
Jérémy Lecour	1091dfeeed	evolinux-users: Handle "PermitRootLogin prohibit-password"	2017-10-11 22:17:52 +02:00
Jérémy Lecour	c77bc14e95	Evolinux: don't remove root from AllowUsers list	2017-10-11 17:58:59 +02:00
Jérémy Lecour	ae4b9675c2	evolix-users: disable root ssh login by default	2017-10-10 22:01:44 +02:00
Jérémy Lecour	8435ac192d	evolinux-users: better detection of AllowUsers	2017-10-10 22:01:12 +02:00
Jérémy Lecour	13e1c0486b	"egrep" is deprecated, use "grep -E"	2017-10-08 22:47:03 +02:00
Jérémy Lecour	8c1024c23c	No need to add individual users, a group is enough	2017-10-08 14:23:21 +02:00
Jérémy Lecour	fedbc5b579	evolinux-users: no need to repeat condition	2017-10-06 12:05:07 +02:00
Jérémy Lecour	2b253e075c	Users can be added to secondary groups	2017-10-06 01:06:59 +02:00
Jérémy Lecour	f759b849a5	evolinux-users: install many ssh keys if needed	2017-10-06 01:06:59 +02:00
Jérémy Lecour	7b88393ccf	Refactoring of admin-users + evolinux-base roles * rename admin-users to evolinux-users * splitting the "sudo" part for users between jessie and stretch * with stretch, the sudo group is customizable and properly configured * import evolinux-users role from evolinux-base at proper time to ensure ssh connections are possible for other users before cutting root's access * evomaintenance is also included in evolinux-base to have it available when users are created	2017-10-06 01:06:59 +02:00

30 commits