split tasks
This commit is contained in:
Élie Deloumeau-Prigent
parent
6a42daba46
commit
dbf4d327cf
18
tasks/configure_banner.yml
Normal file
18
tasks/configure_banner.yml
Normal file
@ -0,0 +1,18 @@
|
||||
---
|
||||
- name: configure_banner | Apply template {{ motd_banner_template }} on {{ _motd_banner_file_path }}
|
||||
copy:
|
||||
content: "{{ motd_banner_template_prepend + _motd_banner_template_content + motd_banner_template_append }}"
|
||||
dest: "{{ _motd_banner_file_path }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
when: motd_banner_template != None and motd_banner_template|length>0
|
||||
|
||||
- name: configure_banner | Ensure line "Banner {{ _motd_banner_file_path }}" is {{ _motd_banner_state }} in {{ _motd_sshd_config_file_path }}
|
||||
lineinfile:
|
||||
path: "{{ _motd_sshd_config_file_path }}"
|
||||
regexp: "^(#?)Banner "
|
||||
line: Banner {{ _motd_banner_file_path }}
|
||||
state: "{{ _motd_banner_state }}"
|
||||
notify: Restart sshd
|
||||
...
|
||||
19
tasks/configure_motd.yml
Normal file
19
tasks/configure_motd.yml
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
- name: configure_motd | Apply template {{ motd_template }} on {{ _motd_file_path }}
|
||||
copy:
|
||||
content: "{{ motd_template_prepend + _motd_template_content + motd_template_append }}"
|
||||
dest: "{{ _motd_file_path }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0755'
|
||||
tags:
|
||||
- molecule-idempotence-notest
|
||||
|
||||
- name: configure_motd | Add pam_exec {{ _motd_file_path }} in pam
|
||||
lineinfile:
|
||||
path: "{{ item }}"
|
||||
line: session optional pam_exec.so type=open_session stdout {{ _motd_file_path }}
|
||||
loop:
|
||||
- "{{ _motd_pam_login_file_path }}"
|
||||
- "{{ _motd_pam_sshd_file_path }}"
|
||||
...
|
||||
22
tasks/disable_default_motd.yml
Normal file
22
tasks/disable_default_motd.yml
Normal file
@ -0,0 +1,22 @@
|
||||
---
|
||||
- name: disable_default_motd | Get stats of {{ _motd_sshd_config_file_path }}
|
||||
stat:
|
||||
path: "{{ _motd_sshd_config_file_path }}"
|
||||
register: _motd_sshd_config_file_stat
|
||||
|
||||
- name: disable_default_motd | Ensure PrintMotd is set to "no" in {{ _motd_sshd_config_file_path }}
|
||||
lineinfile:
|
||||
path: "{{ _motd_sshd_config_file_path }}"
|
||||
regexp: "^PrintMotd "
|
||||
line: PrintMotd no
|
||||
when: _motd_sshd_config_file_stat.stat.exists
|
||||
|
||||
- name: disable_default_motd | Comment out pam_motd in pam
|
||||
replace:
|
||||
path: "{{ item }}"
|
||||
regexp: '^(session\s+optional\s+pam_motd.so\s+.*)'
|
||||
replace: '# \1'
|
||||
loop:
|
||||
- "{{ _motd_pam_login_file_path }}"
|
||||
- "{{ _motd_pam_sshd_file_path }}"
|
||||
...
|
||||
@ -1,58 +1,9 @@
|
||||
---
|
||||
- block:
|
||||
- name: Get stats of {{ _motd_sshd_config_file_path }}
|
||||
stat:
|
||||
path: "{{ _motd_sshd_config_file_path }}"
|
||||
register: _motd_sshd_config_file_stat
|
||||
- include_tasks: configure_banner.yml
|
||||
|
||||
- name: Ensure PrintMotd is set to "no" in {{ _motd_sshd_config_file_path }}
|
||||
lineinfile:
|
||||
path: "{{ _motd_sshd_config_file_path }}"
|
||||
regexp: "^PrintMotd "
|
||||
line: PrintMotd no
|
||||
when: _motd_sshd_config_file_stat.stat.exists
|
||||
|
||||
- name: Comment out pam_motd in pam
|
||||
replace:
|
||||
path: "{{ item }}"
|
||||
regexp: '^(session\s+optional\s+pam_motd.so\s+.*)'
|
||||
replace: '# \1'
|
||||
loop:
|
||||
- "{{ _motd_pam_login_file_path }}"
|
||||
- "{{ _motd_pam_sshd_file_path }}"
|
||||
- name: include_tasks disable_default_motd.yml if motd_disable_default_motd is True
|
||||
include_tasks: disable_default_motd.yml
|
||||
when: motd_disable_default_motd|bool
|
||||
|
||||
- name: Apply template {{ motd_banner_template }} on {{ _motd_banner_file_path }}
|
||||
copy:
|
||||
content: "{{ motd_banner_template_prepend + _motd_banner_template_content + motd_banner_template_append }}"
|
||||
dest: "{{ _motd_banner_file_path }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
when: motd_banner_template
|
||||
|
||||
- name: Ensure line "Banner {{ _motd_banner_file_path }}" is {{ _motd_banner_state }} in {{ _motd_sshd_config_file_path }}
|
||||
lineinfile:
|
||||
path: "{{ _motd_sshd_config_file_path }}"
|
||||
regexp: "^(#?)Banner "
|
||||
line: Banner {{ _motd_banner_file_path }}
|
||||
state: "{{ _motd_banner_state }}"
|
||||
notify: Restart sshd
|
||||
|
||||
- name: Apply template {{ motd_template }} on {{ _motd_file_path }}
|
||||
copy:
|
||||
content: "{{ motd_template_prepend + _motd_template_content + motd_template_append }}"
|
||||
dest: "{{ _motd_file_path }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0755'
|
||||
tags:
|
||||
- molecule-idempotence-notest
|
||||
|
||||
- name: Add pam_exec {{ _motd_file_path }} in pam
|
||||
lineinfile:
|
||||
path: "{{ item }}"
|
||||
line: session optional pam_exec.so type=open_session stdout {{ _motd_file_path }}
|
||||
loop:
|
||||
- "{{ _motd_pam_login_file_path }}"
|
||||
- "{{ _motd_pam_sshd_file_path }}"
|
||||
- include_tasks: configure_motd.yml
|
||||
...
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user