-
Notifications
You must be signed in to change notification settings - Fork 0
/
setup.yml
66 lines (66 loc) · 1.59 KB
/
setup.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
---
- name: Install kerberose on raspberry Pi
hosts: localhost
any_errors_fatal: true
remote_user: root
become: yes
become_method: su
tasks:
- name: Set timezone to America/Toronto
timezone:
name: America/Toronto
- name: Set hostname
hostname:
name: kdc.home.local
- name: Update & upgrade all packages to the latest version
apt:
upgrade: yes
update_cache: yes
force_apt_get: yes #Needed for Raspbian(buster)
cache_valid_time: 86400 #One day
- name: Install kerberose server packages
apt:
pkg:
- krb5-kdc
- krb5-admin-server
- krb5-config
- name: Copy file krb5.conf with owner and permissions
copy:
src: config/krb5.conf
dest: /etc/krb5.conf
owner: root
group: root
mode: '0644'
- name: Copy file kadm5.acl with owner and permissions
copy:
src: config/kadm5.acl
dest: /etc/krb5kdc/kadm5.acl
owner: root
group: root
mode: '0644'
- name: Copy ssh client config
copy:
src: config/ssh_config
dest: /etc/ssh/ssh_config
owner: root
group: root
mode: '0644'
- name: Copy ssh daemon config
copy:
src: config/sshd_config
dest: /etc/ssh/sshd_config
owner: root
group: root
mode: '0644'
- name: Create the initial kerberos database
script: createKerberoseDB.sh
- name: start KDC service
service:
name: krb5-kdc
state: restarted
enabled: yes
- name: start admin server
service:
name: krb5-admin-server
state: restarted
enabled: yes