- name: Make sure we have a 'sudo' group group: name: sudo state: present - name: Allow sudo group to have passwordless sudo lineinfile: path: /etc/sudoers state: present regexp: '^%sudo' line: '%sudo ALL=(ALL) NOPASSWD: ALL' validate: '/usr/sbin/visudo -cf %s' - name: Create a new regular user with sudo privileges user: name: "{{ create_user }}" state: present groups: sudo append: true create_home: true shell: /bin/bash - name: Set authorized key for remote user authorized_key: user: "{{ create_user }}" state: present key: "{{ copy_local_key }}" - name: Disable password authentication for root lineinfile: path: /etc/ssh/sshd_config state: present regexp: '^#?PermitRootLogin' line: 'PermitRootLogin no' - name: Add syncthing release signing key. apt_key: url: https://syncthing.net/release-key.txt state: present - name: Add syncthing apt repo apt_repository: repo: deb https://apt.syncthing.net/ syncthing stable filename: syncthing state: present - name: Update apt apt: update_cache=yes - name: Install required system packages apt: name={{ sys_packages }} state=latest - name: Restart sshd service: name: sshd.service state: restarted - name: Enable and start syncthing systemd: name: "{{ syncthing_personal_service }}" state: started enabled: yes