diff --git a/roles/bank/tasks/login.yaml b/roles/bank/tasks/login.yaml index 7ed568e..24fe3e0 100644 --- a/roles/bank/tasks/login.yaml +++ b/roles/bank/tasks/login.yaml @@ -1,10 +1,18 @@ --- +- name: Install revbank login shell + ansible.builtin.template: + src: login.sh + dest: /usr/local/bin/revbank-login + owner: root + group: root + mode: "0755" + - name: Add user ansible.builtin.user: name: bank password: $6$idklol$QrOE/21LDR0vhZBAXwgA7AvnmR6Ju4ZqzAzgeazC08i2yw9kyQjgwu.uuV692iL/cyE7AteDYUxCpcorONXom. # "bank" home: /home/{{ bank_user }} - shell: /home/{{ bank_user }}/revbank.git/revbank + shell: /usr/local/bin/revbank-login update_password: always - name: Allow password auth for bank user @@ -13,7 +21,7 @@ insertafter: EOF validate: "/usr/sbin/sshd -t -f %s" block: |- - Match User bank + Match User {{ bank_user }} PasswordAuthentication yes notify: reload sshd diff --git a/roles/bank/tasks/revbank.yaml b/roles/bank/tasks/revbank.yaml index 5a0cf6c..1870ff1 100644 --- a/roles/bank/tasks/revbank.yaml +++ b/roles/bank/tasks/revbank.yaml @@ -8,20 +8,9 @@ ansible.builtin.git: repo: "{{ bank_revbank_git }}" version: master - dest: /home/{{ bank_user }}/revbank.git + dest: /usr/local/share/revbank accept_hostkey: yes -- name: Link plugins - ansible.builtin.file: - state: link - src: "{{ item.src }}" - path: "{{ item.dest }}" - with_items: - - src: /home/{{ bank_user }}/revbank.git/plugins - dest: /home/{{ bank_user }}/plugins - - src: /home/{{ bank_user }}/revbank.git/data/plugins - dest: /home/{{ bank_user }}/.revbank/plugins - - name: Install git cronjob ansible.builtin.template: src: git.cron diff --git a/roles/bank/templates/login.sh b/roles/bank/templates/login.sh new file mode 100644 index 0000000..6deaf2b --- /dev/null +++ b/roles/bank/templates/login.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +export REVBANK_DIR=/usr/local/share/revbank +export REVBANK_PLUGINS="$(cat $REVBANK_DIR/data/plugins | sed 's/ *#.*$//g' | sed '/^$/d' | tr '\n' ' ')" + +$REVBANK_DIR/revbank