first commit
This commit is contained in:
julien
28
roles/server/config.sh
Executable file
28
roles/server/config.sh
Executable file
@@ -0,0 +1,28 @@
|
||||
#!/usr/bin/env bash
|
||||
# Configuration du rôle server
|
||||
source "$PROJECT_DIR/lib.sh"
|
||||
enable_strict_mode
|
||||
|
||||
cat <<'EOM'
|
||||
|
||||
=> Server configuration
|
||||
|
||||
EOM
|
||||
|
||||
ensure_grub_cmdline
|
||||
|
||||
SSH_DIR="/etc/ssh/sshd_config.d"
|
||||
mkdir -p "$SSH_DIR"
|
||||
SSH_CONF="${SSH_DIR}/custom.conf"
|
||||
|
||||
read -r -d '' SSH_CONF_CONTENT <<'EOM' || true
|
||||
# SSH keys only
|
||||
PasswordAuthentication no
|
||||
PubkeyAuthentication yes
|
||||
PermitEmptyPasswords no
|
||||
EOM
|
||||
|
||||
if write_text_file_if_changed "$SSH_CONF_CONTENT" "$SSH_CONF" >/dev/null; then
|
||||
restart_service_if_present ssh
|
||||
restart_service_if_present sshd
|
||||
fi
|
||||
3
roles/server/packages.list
Normal file
3
roles/server/packages.list
Normal file
@@ -0,0 +1,3 @@
|
||||
ROLE_PACKAGES=(
|
||||
# add server-specific packages here, e.g. "nginx" "postgresql" "fail2ban"
|
||||
)
|
||||
Reference in New Issue
Block a user