ansible/roles/ldap-client/tasks/main.yml


---
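# Install and configure main LDAP tools.
# include_tasks is a dynamic include: install_ldap.yml is loaded when this
# task runs, and its tasks execute before the hardening steps below.
- name: Install and configure main LDAP tools
  include_tasks: install_ldap.yml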
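# Disable passwd and chsh: the single bin/passwd.j2 template is rendered under
# three command names in /usr/local/bin.
# NOTE(review): presumably this relies on /usr/local/bin preceding the system
# directories in PATH; the template body is not visible here. If so, it is a
# redirect for users rather than an access control (the original binaries stay
# reachable by absolute path) -- confirm that is the intent.
- name: Copy passwd and chsh scripts
  template:
    src: bin/passwd.j2
    dest: "/usr/local/bin/{{ item }}"
    # Pin ownership so these commands on PATH can only be modified by root,
    # even if a file with another owner already exists at the destination.
    owner: root
    group: root
    # Quoted so the mode is always read as an octal string, never as an int.
    mode: "0755"
  loop:
    - chsh
    - chsh.ldap
    - passwd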
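# Restrict SSH logins to the groups in ssh_allow_groups. The last line matching
# ^AllowGroups is replaced; if none matches, the line is appended.
# NOTE(review): sshd only applies the change after a reload, and no
# notify/handler is visible in this file -- confirm one exists in the role.
- name: Filter SSH on groups
  lineinfile:
    dest: /etc/ssh/sshd_config
    regexp: '^AllowGroups'
    line: "AllowGroups {{ ssh_allow_groups }}"
    state: present
    # Syntax-check the candidate file before it replaces the live config, so a
    # malformed result is rejected instead of leaving sshd unable to restart.
    # Assumes sshd lives at /usr/sbin/sshd (Debian layout) -- confirm.
    validate: /usr/sbin/sshd -t -f %s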
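# Render two sudoers.d drop-ins and the main sudoers file from the same-named
# .j2 templates into /etc. The drop-ins are listed first, so they are in place
# before the main file is written.
- name: Configure sudoers
  template:
    src: "{{ item }}.j2"
    dest: "/etc/{{ item }}"
    # By default sudo refuses a sudoers file that is not owned by uid 0, so
    # set ownership explicitly rather than inheriting it from an existing file.
    owner: root
    group: root
    # Quoted so the mode is always read as an octal string, never as an int.
    mode: "0440"
    # Check the rendered file with visudo before it is installed: a syntax
    # error in any sudoers file can make sudo unusable on the host.
    validate: /usr/sbin/visudo -cf %s
  loop:
    - sudoers.d/custom_passprompt
    - sudoers.d/group_privilege
    - sudoers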
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=568577
# Keep exactly one pam_mkhomedir.so line in common-account: the last line
# matching the regexp is rewritten, otherwise the line is appended.
# umask=0077 makes the created home directory accessible to its owner only;
# skel=/etc/skel/ is the directory its initial contents are copied from.
# NOTE(review): this is a session-type entry placed in common-account rather
# than common-session; presumably deliberate per the bug linked above --
# confirm.
- name: Ensure home directories are created upon login
  lineinfile:
    state: present
    dest: /etc/pam.d/common-account
    line: 'session required pam_mkhomedir.so skel=/etc/skel/ umask=0077'
    regexp: 'pam_mkhomedir\.so'