--- # Do basic NetBSD configuration # # Assumes: # - NetBSD 6.0/amd64 installed # - ssh login as root permitted # - ansible installed (with depends) # # Run: # ansible-playbook -k -i hosts-HF config-netbsd-basic.yml # # Copyright (c) 2013 Hubert Feyrer # - hosts: netbsd user: root tasks: - name: Install tcsh action: pkgin name=tcsh state=present - name: Add user feyrer user: name=feyrer shell=/usr/pkg/bin/tcsh groups=wheel - name: Create ~feyrer/.ssh directory file: path=~feyrer/.ssh mode=0700 owner=feyrer state=directory - name: Enable ssh login with ssh-key copy: src=~/.ssh/id_rsa.pub dest=~feyrer/.ssh/authorized_keys owner=feyrer - name: Install sudo action: pkgin name=sudo state=present - name: Enable PW-less sudo-access for everyone in group 'wheel' lineinfile: "dest=/usr/pkg/etc/sudoers state=present regexp='^%wheel' line='%wheel ALL=(ALL) NOPASSWD: ALL'" - name: Disable ssh logins as root lineinfile: "dest=/etc/ssh/sshd_config state=absent regexp='^PermitRootLogin.*yes'" notify: - restart sshd # - name: Re-enable ssh logins as root - TEST-ONLY # lineinfile: "dest=/etc/ssh/sshd_config state=present regexp='^PermitRootLogin.*yes' line='PermitRootLogin yes'" # notify: # - restart sshd handlers: - name: restart sshd action: service name=sshd state=restarted