39 lines
981 B
YAML
39 lines
981 B
YAML
- name: Set up interfaces
|
|
include_tasks: interface.yml
|
|
loop: "{{ interfaces }}"
|
|
loop_control:
|
|
label: "{{ interface.name }}"
|
|
loop_var: interface
|
|
|
|
- name: Set up firewall
|
|
include_tasks: firewall.yml
|
|
|
|
- name: Disable SSH password authentication
|
|
win_lineinfile:
|
|
path: c:\ProgramData\ssh\sshd_config
|
|
regexp: '^#?{{ item.key }}'
|
|
line: "{{ item.key }} {{ item.value }}"
|
|
loop:
|
|
- key: "PasswordAuthentication"
|
|
value: "no"
|
|
- key: "PermitRootLogin"
|
|
value: "prohibit-password"
|
|
notify: restart sshd
|
|
|
|
- name: Set default shell to powershell
|
|
win_regedit:
|
|
path: HKLM:\SOFTWARE\OpenSSH
|
|
name: DefaultShell
|
|
data: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
|
notify: restart sshd
|
|
|
|
- name: Set authorized SSH keys
|
|
win_copy:
|
|
dest: C:\ProgramData\ssh\administrators_authorized_keys
|
|
content: "{{ ssh_keys | join('\n') }}"
|
|
|
|
- name: Enable ssh
|
|
win_service:
|
|
name: sshd
|
|
start_mode: auto
|
|
state: started
|