feat: update Ansible configuration and add 1Password lookup plugin for secret management
Some checks failed
Nix Format Check / check-format (push) Failing after 37s
Some checks failed
Nix Format Check / check-format (push) Failing after 37s
This commit is contained in:
@@ -1,4 +1,3 @@
|
||||
---
|
||||
- name: Ensure openssh-server is installed
|
||||
ansible.builtin.package:
|
||||
name: openssh-server
|
||||
@@ -12,24 +11,9 @@
|
||||
group: root
|
||||
mode: '0644'
|
||||
validate: '/usr/sbin/sshd -t -f %s'
|
||||
notify: Restart SSH service
|
||||
|
||||
- name: Ensure SSH service is enabled and running
|
||||
ansible.builtin.service:
|
||||
name: ssh
|
||||
state: started
|
||||
enabled: true
|
||||
|
||||
# Handlers
|
||||
- name: Handlers
|
||||
ansible.builtin.meta: flush_handlers
|
||||
|
||||
- name: Handlers block
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Restart SSH service
|
||||
ansible.builtin.service:
|
||||
name: ssh
|
||||
state: restarted
|
||||
listen: Restart SSH service
|
||||
|
@@ -18,7 +18,7 @@
|
||||
dest: /root/.smbcredentials
|
||||
content: |
|
||||
username=u451316
|
||||
password={{ storage_box_password | default('CHANGE_ME') }}
|
||||
password={{ lookup('onepassword', 'storage-box', field='password') | default('CHANGE_ME') }}
|
||||
mode: '0600'
|
||||
|
||||
- name: Add fstab entry for storage-box
|
||||
@@ -30,12 +30,6 @@
|
||||
state: present
|
||||
notify: Systemctl daemon-reload
|
||||
|
||||
- name: Mount storage-box
|
||||
become: true
|
||||
ansible.builtin.mount:
|
||||
path: /mnt/storage-box
|
||||
src: //u451316.your-storagebox.de/backup
|
||||
fstype: cifs
|
||||
- name: Mount storage-box
|
||||
become: true
|
||||
ansible.builtin.mount:
|
||||
|
Reference in New Issue
Block a user