reodered and added functionality

roles/base/tasks/main.yml

@@ -5,6 +5,24 @@
 - block:
   - debug:
       msg: Debug
+  # install software
+  # - import_tasks: software/repositories.yml
+  - import_tasks: software/packages_zsh.yml
+  # - import_tasks: software/packages_development.yml
+  - import_tasks: software/packages_cleanup.yml
+  # - import_tasks: software/packages_pip.yml
+  - import_tasks: software/packages_utilities.yml
+
+  # Perform remaining tasks:
+  - import_tasks: system_setup/clock.yml
+  # - import_tasks: system_setup/cron.yml
+  - import_tasks: system_setup/locale.yml
+  # - import_tasks: system_setup/logging.yml
+  # - import_tasks: system_setup/memory.yml
+  # - import_tasks: system_setup/microcode.yml
+  - import_tasks: system_setup/openssh.yml
+  # - import_tasks: system_setup/scripts.yml
+
   # Make sure users exist on the system
   #- import_tasks: users/rene.yml
   #- import_tasks: users/root.yml
@@ -12,22 +30,5 @@
   # Set up the ansible environment
   # - import_tasks: ansible_setup.yml
 
-  # install software
-  # - import_tasks: software/repositories.yml
-  # - import_tasks: software/packages_development.yml
-  # - import_tasks: software/packages_cleanup.yml
-  # - import_tasks: software/packages_pip.yml
-  # - import_tasks: software/packages_utilities.yml
-
-  # Perform remeining tasks:
-  # - import_tasks: system_setup/clock.yml
-  # - import_tasks: system_setup/cron.yml
-  # - import_tasks: system_setup/locale.yml
-  # - import_tasks: system_setup/logging.yml
-  # - import_tasks: system_setup/memory.yml
-  # - import_tasks: system_setup/microcode.yml
-  # - import_tasks: system_setup/openssh.yml
-  # - import_tasks: system_setup/scripts.yml
-
   rescue:
     - set_fact: task_failed=true

roles/base/tasks/system_setup/openssh.yml

@@ -14,10 +14,17 @@
 
 - name: system setup | openssh | generate sshd_config file from template
   tags: openssh,ssh,system,settings
-  template:
-    src: sshd_config.j2
-    dest: /etc/ssh/sshd_config
+  copy:
+    src: system_setup/sshd_custom.conf
+    dest: /etc/ssh/sshd_config.d/custom.conf
     owner: root
     group: root
-    mode: 0644
-  notify: restart_sshd
+    mode: '0644'
+
+#  template:
+#    src: sshd_config.j2
+#    dest: /etc/ssh/sshd_config
+#    owner: root
+#    group: root
+#    mode: 0644
+#  notify: restart_sshd

roles/base/tasks/users/ansible.yml

@@ -0,0 +1,14 @@
+- name: users | ansible | add user
+  user:
+    name: ansible
+    comment: Ansible-Pull user
+    shell: /bin/bash
+    password_lock: yes
+
+- name: users | ansible | add sudoers file
+  copy:
+    src: users/sudoers_ansible
+    dst: /etc/sudoers.d/ansible
+    owner: root
+    group: root
+    mode: 0440

roles/base/tasks/users/rene.yml

@@ -3,30 +3,30 @@
     name: rene
     password_lock: yes
 
-- name: users | rene | create config directories
-  file:
-    path: /rene/{{ item.dir }}
-    state: directory
-    owner: rene
-    group: rene
-    mode: 0700
-  with_items:
-    - {dir: '.vim'}
-    - {dir: '.vim/colors'}
-  tags: dotfiles
+# - name: users | rene | create config directories
+#   file:
+#     path: /rene/{{ item.dir }}
+#     state: directory
+#     owner: rene
+#     group: rene
+#     mode: 0700
+#   with_items:
+#     - {dir: '.vim'}
+#     - {dir: '.vim/colors'}
+#   tags: dotfiles
 
-- name: users | rene | copy dotfiles
-  copy:
-    src: users/rene/{{ item.src }}
-    dest: /rene/{{ item.dest }}
-    owner: rene
-    group: rene
-    mode: 0600
-  with_items:
-    - {src: 'bash/bashrc', dest: '.bashrc'}
-    - {src: 'bash/bash_profile', dest: '.bash_profile'}
-    - {src: 'bash/profile', dest: '.profile'}
-    - {src: 'tmux/tmux.conf', dest: '.tmux.conf'}
-    - {src: 'vim/vimrc', dest: '.vimrc'}
-    - {src: 'zsh/zshrc', dest: '.zshrc'}
-  tags: dotfiles
+# - name: users | rene | copy dotfiles
+#   copy:
+#     src: users/rene/{{ item.src }}
+#     dest: /rene/{{ item.dest }}
+#     owner: rene
+#     group: rene
+#     mode: 0600
+#   with_items:
+#     - {src: 'bash/bashrc', dest: '.bashrc'}
+#     - {src: 'bash/bash_profile', dest: '.bash_profile'}
+#     - {src: 'bash/profile', dest: '.profile'}
+#     - {src: 'tmux/tmux.conf', dest: '.tmux.conf'}
+#     - {src: 'vim/vimrc', dest: '.vimrc'}
+#     - {src: 'zsh/zshrc', dest: '.zshrc'}
+#   tags: dotfiles

roles/base/tasks/users/root.yml

@@ -3,30 +3,30 @@
     name: root
     password_lock: yes
 
-- name: users | root | create config directories
-  file:
-    path: /root/{{ item.dir }}
-    state: directory
-    owner: root
-    group: root
-    mode: 0700
-  with_items:
-    - {dir: '.vim'}
-    - {dir: '.vim/colors'}
-  tags: dotfiles
+# - name: users | root | create config directories
+#   file:
+#     path: /root/{{ item.dir }}
+#     state: directory
+#     owner: root
+#     group: root
+#     mode: 0700
+#   with_items:
+#     - {dir: '.vim'}
+#     - {dir: '.vim/colors'}
+#   tags: dotfiles
 
-- name: users | root | copy dotfiles
-  copy:
-    src: users/root/{{ item.src }}
-    dest: /root/{{ item.dest }}
-    owner: root
-    group: root
-    mode: 0600
-  with_items:
-    - {src: 'bash/bashrc', dest: '.bashrc'}
-    - {src: 'bash/bash_profile', dest: '.bash_profile'}
-    - {src: 'bash/profile', dest: '.profile'}
-    - {src: 'tmux/tmux.conf', dest: '.tmux.conf'}
-    - {src: 'vim/vimrc', dest: '.vimrc'}
-    - {src: 'zsh/zshrc', dest: '.zshrc'}
-  tags: dotfiles
+# - name: users | root | copy dotfiles
+#   copy:
+#     src: users/root/{{ item.src }}
+#     dest: /root/{{ item.dest }}
+#     owner: root
+#     group: root
+#     mode: 0600
+#   with_items:
+#     - {src: 'bash/bashrc', dest: '.bashrc'}
+#     - {src: 'bash/bash_profile', dest: '.bash_profile'}
+#     - {src: 'bash/profile', dest: '.profile'}
+#     - {src: 'tmux/tmux.conf', dest: '.tmux.conf'}
+#     - {src: 'vim/vimrc', dest: '.vimrc'}
+#     - {src: 'zsh/zshrc', dest: '.zshrc'}
+#   tags: dotfiles