Jose/ansible-role-debian_common
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix deprecation warnings for inline templating

Browse Source
This commit is contained in:
waal70
2025-08-30 17:52:02 +02:00
parent 857c37a2c1
commit 95c26ad647
3 changed files with 11 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
defaults/main.yml Normal file
View File

@@ -0,0 +1,6 @@
---
# defaults file for debian_common
# Andre 2025: this is to prevent:
# [WARNING]: Module remote_tmp /root/.ansible/tmp did not exist and was created with a mode of 0700,
# this may cause issues when running as another user. To avoid this, create the remote_tmp dir with the correct permissions manually"
allow_world_readable_tmpfiles: true

4
tasks/tmp-nonexec.yml
View File

@@ -27,7 +27,7 @@
- name: Move old tmp out of the way - name: Move old tmp out of the way
ansible.builtin.command: ansible.builtin.command:
cmd: mv /tmp /old_tmp cmd: mv /tmp /old_tmp
failed_when: "{{ sttmp.stat.exists }}" failed_when: sttmp.stat.exists
changed_when: true changed_when: true
- name: Make the new file a permanent mount in fstab - name: Make the new file a permanent mount in fstab
@@ -41,7 +41,7 @@
- name: Move the old stuff back into the new mountpoint - name: Move the old stuff back into the new mountpoint
ansible.builtin.command: ansible.builtin.command:
cmd: mv /old_tmp/* /tmp/ cmd: mv /old_tmp/* /tmp/
failed_when: "{{ sttmp.stat.exists }}" failed_when: sttmp.stat.exists
changed_when: true changed_when: true
- name: Ensure no more /old_tmp - name: Ensure no more /old_tmp

6
tasks/unpriv-user.yml
View File

@@ -13,7 +13,7 @@
- name: Check the primary key for the unprivileged user - name: Check the primary key for the unprivileged user
ansible.posix.authorized_key: ansible.posix.authorized_key:
user: "{{ interactive_user }}" user: "{{ interactive_user }}"
key: "{{ lookup('file', '../home/ssh-keys/{{ interactive_user }}/{{ interactive_user }}-yubi-1.pub') }}" key: "{{ lookup('file', '../home/ssh-keys/' ~ interactive_user ~ '/' ~ interactive_user ~ '-yubi-1.pub') }}"
state: present state: present
exclusive: false exclusive: false
register: setkey register: setkey
@@ -22,14 +22,14 @@
when: setkey.changed when: setkey.changed
ansible.posix.authorized_key: ansible.posix.authorized_key:
user: "{{ interactive_user }}" user: "{{ interactive_user }}"
key: "{{ lookup('file', '../home/ssh-keys/{{ interactive_user }}/{{ interactive_user }}-yubi-1.pub') }}" key: "{{ lookup('file', '../home/ssh-keys/' ~ interactive_user ~ '/' ~ interactive_user ~ '-yubi-1.pub') }}"
state: present state: present
exclusive: true exclusive: true
- name: Set the secondary key for the unprivileged user - name: Set the secondary key for the unprivileged user
ansible.posix.authorized_key: ansible.posix.authorized_key:
user: "{{ interactive_user }}" user: "{{ interactive_user }}"
key: "{{ lookup('file', '../home/ssh-keys/{{ interactive_user }}/{{ interactive_user }}-yubi-2.pub') }}" key: "{{ lookup('file', '../home/ssh-keys/' ~ interactive_user ~ '/' ~ interactive_user ~ '-yubi-2.pub') }}"
state: present state: present
exclusive: false exclusive: false