20 lines
566 B
YAML
20 lines
566 B
YAML
# Configure users for the bastion host
|
|
- name: users | root | Set strong password
|
|
include_tasks: users/root.yml
|
|
|
|
- name: users | rene | Ensure admin user is absent from bastion
|
|
include_tasks: users/rene.yml
|
|
|
|
- name: users | Create and configure bastion users
|
|
include_tasks: users/_create_user_with_ssh.yml
|
|
loop:
|
|
- name: lowpriv
|
|
comment: "Restricted user for interactive shell"
|
|
shell: /usr/bin/rbash
|
|
|
|
- name: sshjumpuser
|
|
comment: "SSH Jump User - no tty - no password"
|
|
shell: /bin/false
|
|
loop_control:
|
|
loop_var: user_item
|