machine_setup/ansible/roles/sftp/tasks/common.yaml

- name: Create directories
  file:
    name: "{{ item }}"
    state: directory
    mode: 0755
    owner: root
    group: wheel
  loop:
    - /chroot
    - /chroot/readonly
    - /chroot/readwrite

- name: Create directories
  file:
    name: "{{ item }}"
    state: directory
    mode: 0755
    owner: nochainstounlock
    group: nochainstounlock
  loop:
    - /chroot/readonly/downloads
    - /chroot/readonly/incomplete
    - /chroot/readwrite/downloads
    - /chroot/readwrite/incomplete

- name: Create directories
  file:
    name: "{{ item }}"
    state: directory
    mode: 0755
    owner: 11235
    group: nochainstounlock
  loop:
    - /chroot/readonly/library
    - /chroot/readwrite/library

# - name: Install scripts
#   copy:
#     src: "files/{{ item.src }}"
#     dest: "{{ item.dest }}"
#     mode: 0755
#     owner: root
#     group: wheel
#   loop:
#     - src: foo.bash
#       dest: /usr/local/bin/foo

- name: Install Configuration
  copy:
    src: "files/{{ item.src }}"
    dest: "{{ item.dest }}"
    mode: 0644
    owner: root
    group: wheel
  loop:
    - src: sshd_config
      dest: /etc/ssh/sshd_config

# - name: Clone Source
#   git:
#     repo: "https://foo.bar/baz.git"
#     dest: /foo/bar
#     version: "v1.0.2"
#     force: true
#   diff: false

- name: Create directories
  file:
    name: "{{ item }}"
    state: directory
    mode: 0700
    owner: nochainstounlock
    group: nochainstounlock
  loop:
    - /home/nochainstounlock/.ssh

- name: Set authorized keys
  authorized_key:
    user: nochainstounlock
    key: |
      ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMrjXsXjtxEm47XnRZfo67kJULoc0NBLrB0lPYFiS2Ar kodi@neelix
    exclusive: true

- import_tasks: tasks/freebsd.yaml
  when: 'os_flavor == "freebsd"'

- import_tasks: tasks/linux.yaml
  when: 'os_flavor == "linux"'
Add sftp jail. 2024-06-30 23:02:23 -04:00			`- name: Create directories`
			`file:`
			`name: "{{ item }}"`
			`state: directory`
			`mode: 0755`
			`owner: root`
			`group: wheel`
			`loop:`
			`- /chroot`
			`- /chroot/readonly`
			`- /chroot/readwrite`

			`- name: Create directories`
			`file:`
			`name: "{{ item }}"`
			`state: directory`
			`mode: 0755`
			`owner: nochainstounlock`
			`group: nochainstounlock`
			`loop:`
			`- /chroot/readonly/downloads`
			`- /chroot/readonly/incomplete`
			`- /chroot/readwrite/downloads`
			`- /chroot/readwrite/incomplete`

			`- name: Create directories`
			`file:`
			`name: "{{ item }}"`
			`state: directory`
			`mode: 0755`
			`owner: 11235`
			`group: nochainstounlock`
			`loop:`
			`- /chroot/readonly/library`
			`- /chroot/readwrite/library`

			`# - name: Install scripts`
			`# copy:`
			`# src: "files/{{ item.src }}"`
			`# dest: "{{ item.dest }}"`
			`# mode: 0755`
			`# owner: root`
			`# group: wheel`
			`# loop:`
			`# - src: foo.bash`
			`# dest: /usr/local/bin/foo`

			`- name: Install Configuration`
			`copy:`
			`src: "files/{{ item.src }}"`
			`dest: "{{ item.dest }}"`
			`mode: 0644`
			`owner: root`
			`group: wheel`
			`loop:`
			`- src: sshd_config`
			`dest: /etc/ssh/sshd_config`

			`# - name: Clone Source`
			`# git:`
			`# repo: "https://foo.bar/baz.git"`
			`# dest: /foo/bar`
			`# version: "v1.0.2"`
			`# force: true`
			`# diff: false`

Add neelix public key to sftp server. 2025-01-21 21:23:21 -05:00			`- name: Create directories`
			`file:`
			`name: "{{ item }}"`
			`state: directory`
			`mode: 0700`
			`owner: nochainstounlock`
			`group: nochainstounlock`
			`loop:`
			`- /home/nochainstounlock/.ssh`

			`- name: Set authorized keys`
			`authorized_key:`
			`user: nochainstounlock`
			`key: \|`
			`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMrjXsXjtxEm47XnRZfo67kJULoc0NBLrB0lPYFiS2Ar kodi@neelix`
			`exclusive: true`

Add sftp jail. 2024-06-30 23:02:23 -04:00			`- import_tasks: tasks/freebsd.yaml`
			`when: 'os_flavor == "freebsd"'`

			`- import_tasks: tasks/linux.yaml`
			`when: 'os_flavor == "linux"'`