aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar ChrisJL <[email protected]>2023-02-08 19:19:09 +0000
committerGravatar GitHub <[email protected]>2023-02-08 19:19:09 +0000
commit22e6d8cdbaa8f1f1f230c26ce36e17f600d2bb07 (patch)
tree8ff29a2d7b6d36c23742659197106f945a57c06f
parentUpdate bootstrap script to use shorturl (#75) (diff)
Add MOTD and sudo lecture roles (#76)
Diffstat
-rw-r--r--roles/common/tasks/main.yml30
-rw-r--r--roles/common/templates/motd.j23
-rw-r--r--roles/common/templates/sudo_lecture.j26
3 files changed, 39 insertions, 0 deletions
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index b3f375b..d470030 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -36,3 +36,33 @@
- restart systemd-timesyncd
tags:
- role::common
+
+- name: Create sudoers lecture
+ template:
+ src: sudo_lecture.j2
+ dest: /etc/sudo_lecture
+ mode: '0644'
+ owner: root
+ group: root
+ tags:
+ - role::common
+
+- name: Add sudoers lecture path
+ lineinfile:
+ dest: /etc/sudoers
+ regexp: '^Defaults +?lecture_file ?= ?".+?"$'
+ line: 'Defaults lecture_file = "/etc/sudo_lecture"'
+ state: present
+ validate: /usr/sbin/visudo -cf %s
+ tags:
+ - role::common
+
+- name: Configure MOTD
+ template:
+ src: motd.j2
+ dest: /etc/motd
+ mode: '0644'
+ owner: root
+ group: root
+ tags:
+ - role::common
diff --git a/roles/common/templates/motd.j2 b/roles/common/templates/motd.j2
new file mode 100644
index 0000000..ff6cfcd
--- /dev/null
+++ b/roles/common/templates/motd.j2
@@ -0,0 +1,3 @@
+[[[ To any NSA and FBI agents accessing our servers: please consider ]]]
+[[[ whether defending the US Constitution against all enemies, ]]]
+[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
diff --git a/roles/common/templates/sudo_lecture.j2 b/roles/common/templates/sudo_lecture.j2
new file mode 100644
index 0000000..1758dd0
--- /dev/null
+++ b/roles/common/templates/sudo_lecture.j2
@@ -0,0 +1,6 @@
+
+ "Bee" careful __
+ with sudo! // \
+ \\_/ //
+ ''-.._.-''-.._.. -(||)(')
+ '''
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-20 14:44:06 +0000