Diffstat (limited to 'roles/sshvpn')
| -rw-r--r-- | roles/sshvpn/handlers/main.yaml | 6 | ||||
| -rw-r--r-- | roles/sshvpn/tasks/check_sshvpn_exists.yaml | 12 | ||||
| -rw-r--r-- | roles/sshvpn/tasks/create_users_sshvpn.yaml | 16 | ||||
| -rw-r--r-- | roles/sshvpn/tasks/main.yaml | 3 | ||||
| -rw-r--r-- | roles/sshvpn/tasks/setup_sshvpn.yaml | 16 |
5 files changed, 53 insertions, 0 deletions
diff --git a/roles/sshvpn/handlers/main.yaml b/roles/sshvpn/handlers/main.yaml
new file mode 100644
index 00000000..cd12bec6
--- /dev/null
+++ b/roles/sshvpn/handlers/main.yaml
@@ -0,0 +1,6 @@
+---
+- name: restart_ssh
+ ansible.builtin.service:
+ name: sshd
+ state: restarted
+ enabled: yes
diff --git a/roles/sshvpn/tasks/check_sshvpn_exists.yaml b/roles/sshvpn/tasks/check_sshvpn_exists.yaml
new file mode 100644
index 00000000..3939f2d8
--- /dev/null
+++ b/roles/sshvpn/tasks/check_sshvpn_exists.yaml
@@ -0,0 +1,12 @@
+---
+- name: "Check if sshvpn is already installed"
+ ansible.builtin.stat:
+ path: /home/sshvpn
+ register: sshvpn_directory
+
+- name: "Setup sshvpn if directory doesn't exist"
+ ansible.builtin.include_tasks: setup_sshvpn.yaml
+ when: sshvpn_directory.stat.exists == false
+
+- name: "Create sshvpn users"
+ ansible.builtin.include_tasks: create_users_sshvpn.yaml
diff --git a/roles/sshvpn/tasks/create_users_sshvpn.yaml b/roles/sshvpn/tasks/create_users_sshvpn.yaml
new file mode 100644
index 00000000..f4b0ed68
--- /dev/null
+++ b/roles/sshvpn/tasks/create_users_sshvpn.yaml
@@ -0,0 +1,16 @@
+---
+- name: "sshvpn user management"
+ sshvpn:
+ users: "{{ all_users|default([]) + sshvpn_users|default([]) }}"
+ register: sshvpn_user_pass_dict
+ #no_log: true
+
+- name: "make temp dir"
+ ansible.builtin.file:
+ path: /var/reactance/.temp/
+ state: directory
+
+- name: "add sshvpn user password pair to dict"
+ ansible.builtin.copy:
+ content: "{{ sshvpn_user_pass_dict['msg']|default({}) | to_json }}"
+ dest: /var/reactance/.temp/sshvpn_user_pass_dict
diff --git a/roles/sshvpn/tasks/main.yaml b/roles/sshvpn/tasks/main.yaml
new file mode 100644
index 00000000..78a241af
--- /dev/null
+++ b/roles/sshvpn/tasks/main.yaml
@@ -0,0 +1,3 @@
+---
+- name: "Setup sshvpn"
+ ansible.builtin.include_tasks: check_sshvpn_exists.yaml
diff --git a/roles/sshvpn/tasks/setup_sshvpn.yaml b/roles/sshvpn/tasks/setup_sshvpn.yaml
new file mode 100644
index 00000000..20504e57
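Review bot: None of the task files added by this commit carries `notify: restart_ssh`, so as far as the diff shows the handler in roles/sshvpn/handlers/main.yaml is never triggered. If the `sshvpn` module or a later task changes the SSH daemon's configuration, that task needs the notify, otherwise the running daemon keeps its old settings. `enabled: yes` should be written `enabled: true`, so the value does not depend on YAML 1.1 truthy parsing.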
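Review bot: The stat task in check_sshvpn_exists.yaml tests `/home/sshvpn`, but setup_sshvpn.yaml creates the account with `home: /var/reactance/sshvpn`. Unless something outside this diff creates /home/sshvpn, the condition stays true and the setup tasks are included on every run; the check should use `path: /var/reactance/sshvpn`. setup_sshvpn.yaml ends by including create_users_sshvpn.yaml and this file includes it again unconditionally, so user management then runs twice in one play, which matters if the module issues new credentials on each call (its behaviour is not visible here). The condition is clearer as `when: not sshvpn_directory.stat.exists`.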
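Review bot: `#no_log: true` is commented out on the `sshvpn` task in create_users_sshvpn.yaml, so the registered result is printed in task output and in any callback or log plugin. The last task's name describes that result as user/password pairs, and the copy task exposes the same data through its `content` argument. Both tasks should carry an active `no_log: true`. The temp directory and the file are also created without `owner` or `mode`, so they take default permissions and the credentials file may be readable by other local accounts. Set `mode: "0700"` on the directory and `mode: "0600"` on the file, and remove the file once its consumer (not in this diff) has read it.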
--- /dev/null
+++ b/roles/sshvpn/tasks/setup_sshvpn.yaml
@@ -0,0 +1,16 @@
+---
+- name: "Create sshvpns user"
+ ansible.builtin.user:
+ name: sshvpn
+ shell: /sbin/nologin
+ home: /var/reactance/sshvpn
+
+- name: "Create .ssh directory (if not exists)"
+ ansible.builtin.file:
+ path: /var/reactance/sshvpn/.ssh
+ owner: sshvpn
+ group: sshvpn
+ mode: 0700
+
+- name: "Run user management script"
+ include_tasks: create_users_sshvpn.yaml |
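Review bot: `mode: 0700` on the .ssh directory task is correct only because the leading zero makes the YAML parser read it as octal; quote it as `mode: "0700"` so the permission does not depend on implicit typing. The final task uses the short name `include_tasks` while every other include in this role uses `ansible.builtin.include_tasks`; use the fully qualified name here as well. That final include also duplicates the unconditional include of create_users_sshvpn.yaml in check_sshvpn_exists.yaml, so one of the two should be dropped.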
