Add cleanup role

3 years ago · 91e9878e96
parent 6d9c924764
commit 91e9878e96
5 changed files with 23 additions and 2 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -7,7 +7,7 @@ steps:
  - name: yamllint
    image: cytopia/yamllint
    commands:
-      - yamllint .
+      - yamllint --strict .

  - name: ansible-playbook syntax check
    image: cytopia/ansible
--- a/group_vars/all/00-defaults.yml
+++ b/group_vars/all/00-defaults.yml
@ -1,3 +1,4 @@
+---
 disksetup_strategy: efi_gpt_btrfs
 # partitioning_priv_device_node: /dev/sda

--- a/main.yml
+++ b/main.yml
@ -33,3 +33,4 @@
    - docker
    - yubikey
    - u2f
+    - cleanup
--- a/roles/cleanup/tasks/main.yml
+++ b/roles/cleanup/tasks/main.yml
@ -0,0 +1,19 @@
+---
+- name: Remove static ip configuration.
+  file:
+    path: /etc/NetworkManager/system-connections/static.nmconnection
+    state: absent
+
+- name: Remove temporary key from root's authorized_keys.
+  authorized_key:
+    state: absent
+    user: root
+    path: /root/.ssh/authorized_keys
+    key: "{{ tmp_pub_key }}"
+    manage_dir: true
+
+- name: Disable ssh server.
+  systemd:
+    name: sshd
+    enabled: false
+    state: stopped
--- a/roles/configure/tasks/main.yml
+++ b/roles/configure/tasks/main.yml
@ -40,7 +40,7 @@
    group: root
    mode: 0700

- name: Make sure temporary key is in root's authorized_keys
+- name: Make sure temporary key is in root's authorized_keys.
  authorized_key:
    state: present
    user: root