Jérémy Lecour
ee21973371
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2777|524|2253|2462|:+1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/223//ansiblelint">Evolix » ansible-roles » unstable #223</a>
gitea/ansible-roles/pipeline/head This commit looks good
Fully Qualified Collection Name
75 lines
1.8 KiB
YAML
75 lines
1.8 KiB
YAML
---
|
|
- name: Check if FTP account exist
|
|
ansible.builtin.command:
|
|
cmd: grep "^{{ proftpd_name }}:" /etc/proftpd/vpasswd
|
|
failed_when: False
|
|
check_mode: no
|
|
changed_when: check_ftp_account.rc != 0
|
|
register: check_ftp_account
|
|
tags:
|
|
- proftpd
|
|
|
|
- name: Generate FTP password
|
|
ansible.builtin.command:
|
|
cmd: apg -n1
|
|
register: ftp_password
|
|
check_mode: no
|
|
when: check_ftp_account.rc != 0
|
|
tags:
|
|
- proftpd
|
|
|
|
- name: Print generated password
|
|
ansible.builtin.debug:
|
|
msg: "{{ ftp_password.stdout }}"
|
|
when: check_ftp_account.rc != 0
|
|
tags:
|
|
- proftpd
|
|
|
|
- name: Hash generated FTP password
|
|
ansible.builtin.set_fact:
|
|
proftpd_password: "{{ ftp_password.stdout | password_hash('sha512') }}"
|
|
check_mode: no
|
|
when: check_ftp_account.rc != 0
|
|
tags:
|
|
- proftpd
|
|
|
|
- name: Get current FTP password
|
|
ansible.builtin.shell:
|
|
cmd: grep "^{{ proftpd_name }}:" /etc/proftpd/vpasswd | cut -d':' -f2
|
|
register: hashed_ftp_password
|
|
check_mode: no
|
|
when: check_ftp_account.rc == 0
|
|
changed_when: False
|
|
tags:
|
|
- proftpd
|
|
|
|
- name: Get current FTP password
|
|
ansible.builtin.set_fact:
|
|
proftpd_password: "{{ hashed_ftp_password.stdout }}"
|
|
check_mode: no
|
|
when: check_ftp_account.rc == 0
|
|
changed_when: False
|
|
tags:
|
|
- proftpd
|
|
|
|
- name: Create FTP account
|
|
ansible.builtin.lineinfile:
|
|
dest: /etc/proftpd/vpasswd
|
|
state: present
|
|
create: yes
|
|
mode: "0440"
|
|
line: "{{ proftpd_name }}:{{ proftpd_password }}:{{ proftpd_uid }}:{{ proftpd_gid }}::{{ proftpd_home }}:/bin/false"
|
|
notify: restart proftpd
|
|
tags:
|
|
- proftpd
|
|
|
|
- name: Allow FTP account
|
|
ansible.builtin.lineinfile:
|
|
dest: /etc/proftpd/conf.d/z-evolinux.conf
|
|
state: present
|
|
line: " AllowUser {{ proftpd_name }}"
|
|
insertbefore: "DenyAll"
|
|
notify: restart proftpd
|
|
tags:
|
|
- proftpd
|