easylinux/proxmox-packer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ed95e848bdb342bb69f352b4b5e9baf2d224d419
proxmox-packer/ansible/roles/configure/tasks/ubuntu.yml
AJ Schroeder 397034b53e History rewrite
2023-11-21 20:27:31 -06:00

88 lines
2.7 KiB
YAML
Raw Blame History

---
- name: "Configure SSH for Public Key Authentication"
shell: |
sudo sed -i 's/.*PubkeyAuthentication.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config
- name: "Restarting the SSH daemon."
shell: |
sudo systemctl restart sshd
- name: Remove cloud-init files
ansible.builtin.file:
path: "{{ item }}"
state: absent
loop:
- /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg
- /etc/cloud/cloud.cfg.d/50-curtin-networking.cfg
- /etc/cloud/cloud.cfg.d/curtin-preserve-sources.cfg
- /etc/cloud/cloud.cfg.d/99-installer.cfg
- /etc/netplan/00-installer-config.yaml
when:
- cloud_init | bool
- ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04"
- name: Disable cloud-init if configured to
block:
- name: Check if /etc/cloud/ exists
ansible.builtin.stat:
path: '/etc/cloud/'
register: etc_cloud_folder
- name: 'Generate /etc/cloud/cloud-init.disabled'
ansible.builtin.copy:
dest: '/etc/cloud/cloud-init.disabled'
content: 'disabled by ansible\n'
owner: 'root'
group: 'root'
mode: '0644'
when:
- 'etc_cloud_folder.stat.exists'
when:
- not cloud_init | bool
- ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04"
- name: Copy cloud-init PVE default file
ansible.builtin.copy:
dest: /etc/cloud/cloud.cfg.d/90_dpkg.cfg
content: |
datasource_list: [ ConfigDrive, NoCloud ]
when: cloud_init | bool
- name: "Modifying GRUB."
shell: |
sed -i -e "s/GRUB_CMDLINE_LINUX_DEFAULT=\"\(.*\)\"/GRUB_CMDLINE_LINUX_DEFAULT=\"\"/" /etc/default/grub
update-grub
when: ansible_distribution_version == "20.04" or ansible_distribution_version == "22.04"
- name: Creating SSH key regeneration service file
ansible.builtin.copy:
dest: /etc/systemd/system/regenerate_ssh_host_keys.service
content: |
[Unit]
Description=Regenerate SSH host keys
Before=ssh.service
ConditionFileIsExecutable=/usr/bin/ssh-keygen
[Service]
Type=oneshot
ExecStartPre=-/bin/dd if=/dev/hwrng of=/dev/urandom count=1 bs=4096
ExecStartPre=-/bin/sh -c "/bin/rm -f -v /etc/ssh/ssh_host_*_key*"
ExecStart=/usr/bin/ssh-keygen -A -v
ExecStartPost=/bin/systemctl disable regenerate_ssh_host_keys
[Install]
WantedBy=multi-user.target
when: not cloud_init | bool
- name: Reload systemd to re-read configurations
ansible.builtin.systemd:
daemon-reload: true
when: not cloud_init | bool
- name: Enable regenerate_ssh_host_keys service
ansible.builtin.systemd:
name: regenerate_ssh_host_keys
enabled: true
when: not cloud_init | bool
...
Reference in New Issue View Git Blame Copy Permalink