V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m44s
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m44s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -84,7 +84,7 @@ debootstrap: # Provide a mirror for downloading the Debian pac
|
||||
# list of official Debian packages.
|
||||
mirror: "https://deb.debian.org/debian"
|
||||
# The following packages MUST be included in the debootstrap.
|
||||
includes: "busybox,ca-certificates,git,locales,openssl,python3,python3-apt,systemd-cryptsetup,zstd"
|
||||
includes: "busybox,ca-certificates,git,libpam-systemd,locales,openssl,python3,python3-apt,systemd-cryptsetup,zstd"
|
||||
distribution: "trixie" # MUST be "trixie".
|
||||
debian_suite: "stable" # MUST be "stable". Not supported yet: "testing", "experimental".
|
||||
exit:
|
||||
@@ -855,7 +855,7 @@ user:
|
||||
tty: true # Allow TTY (local console) login.
|
||||
password: true # Allow password login. SSH password login is always disabled.
|
||||
2fa:
|
||||
ssh: false # Require 2FA for SSH access. MUST be either 'true' or 'false' for both ssh and tty.
|
||||
ssh: false # Require 2FA for SSH access.
|
||||
tty: false # Require 2FA for TTY (local console) login.
|
||||
privileges:
|
||||
description: "Root user with full system access and administrative privileges."
|
||||
@@ -872,7 +872,7 @@ user:
|
||||
user0:
|
||||
ensure: present # Must always be 'present'. (Not in use in this version of the installer.)
|
||||
protected: true # Prevent unintentional edits or deletions. (Not in use in this version of the installer.)
|
||||
name: "msw" # The name of the user account.
|
||||
name: "msw" # The name of the user account. No ":" allowed.
|
||||
fullname: "msw" # The full name of the user account holder.
|
||||
uid: 1000 # Ensures that the same user has the same UID on all systems.
|
||||
gid: 1000 # Ensures that the same user has the same GID on all systems.
|
||||
@@ -885,7 +885,7 @@ user:
|
||||
tty: true # Allow TTY (local console) login.
|
||||
password: true # Allow password login. SSH password login is always disabled.
|
||||
2fa:
|
||||
ssh: false # Require 2FA for SSH access. MUST be either 'true' or 'false' for both ssh and tty.
|
||||
ssh: false # Require 2FA for SSH access.
|
||||
tty: false # Require 2FA for TTY (local console) login.
|
||||
privileges:
|
||||
description: "Primary admin user with full sudo access and interactive login."
|
||||
@@ -902,7 +902,7 @@ user:
|
||||
user1:
|
||||
ensure: present # "present" = create user; "absent" = remove user
|
||||
protected: true # Prevent unintentional edits or deletions.
|
||||
name: "ansible" # The name of the user account.
|
||||
name: "ansible" # The name of the user account. No ":" allowed.
|
||||
fullname: "ansible" # The full name of the user account holder.
|
||||
uid: 137 # Ensures that the same user has the same UID on all systems.
|
||||
gid: 137 # Ensures that the same user has the same GID on all systems.
|
||||
@@ -915,7 +915,7 @@ user:
|
||||
tty: false # Allow TTY (local console) login.
|
||||
password: false # Allow password login. SSH password login is always disabled.
|
||||
2fa:
|
||||
ssh: false # Require 2FA for SSH access. MUST be either 'true' or 'false' for both ssh and tty.
|
||||
ssh: false # Require 2FA for SSH access.
|
||||
tty: false # Require 2FA for TTY (local console) login.
|
||||
privileges:
|
||||
description: "Ansible automation user with sudo, key-only SSH, no TTY."
|
||||
|
||||
Reference in New Issue
Block a user