Differences

This shows you the differences between two versions of the page.

--- vms_config [2025/07/26 17:09] – - Imported by DokuWiki Advanced Plugin wikiadm
+++ vms_config [Unknown date] (current) – removed - external edit (Unknown date) 127.0.0.1
@@ Line 1: / Line 1: @@
-====== Configuração das VMs ======
-<file yaml vms-config.yaml>
-- name: MVs config base
-  hosts: all
-  tasks:
-    - name: Testing entries in the /etc/hosts file
-      lineinfile:
-        path: /etc/hosts
-        line: "10.240.0.200 ansible-server.juntotelecom.com.br  ansible-server"
-      register: etc_hosts_result
-    - name: Clear file /etc/hosts
-      when: etc_hosts_result is changed
-      shell: echo '' > /etc/hosts
-      register: etc_hosts_clear
-      tags: hosts
-    - name: Config file /etc/hosts
-      when: etc_hosts_clear is succeeded
-      lineinfile:
-        path: /etc/hosts
-        line: "{{ item.ip }}  {{ item.fqdn }} {{ item.alias }}"
-      with_items:
-        - { ip: '127.0.0.1', fqdn: 'localhost.localdomain', alias: 'localhost' }
-        - { ip: '10.240.0.200', fqdn: 'ansible-server.juntotelecom.com.br', alias: 'ansible-server' }
-        - { ip: '10.240.0.201', fqdn: 'ub-vm-01.juntotelecom.com.br', alias: 'ub-vm-01' }
-        - { ip: '10.240.0.202', fqdn: 'ol-vm-02.juntotelecom.com.br', alias: 'ol-vm-02' }
-        - { ip: '10.240.0.203', fqdn: 'de-vm-03.juntotelecom.com.br', alias: 'de-vm-03' }
-    - name: Add User
-      user:
-        name: suporte
-        comment: "Suporte JuntoTelecom"
-        shell: /bin/bash
-        password: $1$Jd0cyBxz$NMyEIiuVgXCsO2WFCcRvU0
-    - name: Create .ssh for the new user
-      file:
-        mode: 0700
-        owner: suporte
-        group: suporte
-        path: /home/suporte/.ssh
-        state: directory
-    - name: Copy authorized_keys to new user's .ssh folder
-      ansible.builtin.copy:
-        src: /etc/keys/sshkey.pub
-        dest: /home/suporte/.ssh/authorized_keys
-        owner: suporte
-        group: suporte
-        mode: 0644
-    - name: Add user to sudo
-      ansible.builtin.lineinfile:
-        path: /etc/sudoers.d/suporte
-        line: 'suporte ALL=(ALL) NOPASSWD: ALL'
-        mode: 0440
-        create: yes
-        validate: /usr/sbin/visudo -cf %s
-    - name: Disable password login
-      ansible.builtin.lineinfile:
-        path: /etc/ssh/sshd_config
-        regexp: "^PasswordAuthentication"
-        line: "PasswordAuthentication no"
-    - name: SSH restart
-      ansible.builtin.service:
-        name: sshd
-        state: restarted
-</file>
-<file bash>
-$ sudo ansible-playbook --syntax-check vms-config.yaml
-playbook: vms-config.yaml
-</file>
-<file bash>
-$ sudo ansible debian -m shell -a "getent passwd | egrep suporte"
-de-vm-03 | CHANGED | rc=0 >>
-suporte:x:1001:1001:Suporte JuntoTelecom:/home/suporte:/bin/bash
-</file>
-<file bash>
-$ sudo ansible oracle -m shell -e 'ansible_python_interpreter=/usr/bin/python3.9' -a "getent passwd | egrep suporte"
-ol-vm-02 | CHANGED | rc=0 >>
-suporte:x:1001:1001:Suporte JuntoTelecom:/home/suporte:/bin/bash
-</file>
-===== Referências =====
-  - [[https://www.nathancurry.com/blog/23-hardening-ssh-with-ansible/|Hardening SSH With Ansible]]
-  - [[https://gist.github.com/xsleonard/b1c1cd5e46cbd3fb13ea559eec6068f7|Ansible role to create a new user and disable root]]
-  - [[https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html|ansible.builtin.copy module – Copy files to remote locations]]
-  - [[https://adamtheautomator.com/ansible-create-user/|How to Use Ansible Create User Functionality in Linux]]
-  - [[https://blaszkowski.com/2018/09/02/ansible-add-user-to-sudo|Ansible – add user to sudo]]
-  - [[https://dev.to/project42/parallel-provisioning-with-vagrant-and-ansible-lgc|Parallel Provisioning with Vagrant and Ansible]]