network-vault/tasks/main.yml

---
- name: install stuff
  apt:
    name: 
      - samba
      - rsnapshot
    update_cache: yes

- name: include common role
  include_role:
    name: common

- name: install cron-apt
  include_role:
    name: cronapt

- name: create user for vault
  user:
    name: vault
    state: present
    shell: /bin/false
    system: yes
    createhome: yes
    home: /var/vault

- name: create smb user vault
  expect:
    command: smbpasswd -a vault
    responses:
      New SMB password: "{{ networkvault_vault_password }}"
      Retype new SMB password: "{{ networkvault_vault_password }}"

- name: reboot at 6 in the morning to activate kernel-updates
  cron:
    name: "reboot"
    minute: "0"
    hour: "6"
    job: "/usr/sbin/reboot"

- name: uninstall ssh service to seal vault
  apt:
    name: 
      - openssh-server
    state: absent
  when: networkvault_seal_vault is defined and networkvault_seal_vault == True
first commit 2021-06-12 01:17:01 +02:00			`---`
			`- name: install stuff`
			`apt:`
			`name:`
			`- samba`
			`- rsnapshot`
			`update_cache: yes`

			`- name: include common role`
			`include_role:`
			`name: common`

			`- name: install cron-apt`
			`include_role:`
			`name: cronapt`

			`- name: create user for vault`
			`user:`
			`name: vault`
			`state: present`
			`shell: /bin/false`
			`system: yes`
			`createhome: yes`
			`home: /var/vault`

			`- name: create smb user vault`
			`expect:`
			`command: smbpasswd -a vault`
			`responses:`
			`New SMB password: "{{ networkvault_vault_password }}"`
			`Retype new SMB password: "{{ networkvault_vault_password }}"`

			`- name: reboot at 6 in the morning to activate kernel-updates`
			`cron:`
			`name: "reboot"`
			`minute: "0"`
			`hour: "6"`
			`job: "/usr/sbin/reboot"`

			`- name: uninstall ssh service to seal vault`
			`apt:`
			`name:`
			`- openssh-server`
			`state: absent`
			`when: networkvault_seal_vault is defined and networkvault_seal_vault == True`