Oauth proxy and monitoring init

author: Elizabeth Hunt <me@liz.coffee> 2025-08-11 18:39:55 -0700
committer: Elizabeth Hunt <me@liz.coffee> 2025-08-11 18:39:55 -0700
commit: 08e92ca3b8ee6c38c3e19126378e51b46cf63b16 (patch)
tree: 6e9c0e0f394d645cea4208bcfab7e1d98d329e0e /playbooks/roles/common/templates
parent: 4f90a2fc5fd134b27c2f0e32a5f1192003d3f0cf (diff)
download: infra-08e92ca3b8ee6c38c3e19126378e51b46cf63b16.tar.gz
infra-08e92ca3b8ee6c38c3e19126378e51b46cf63b16.zip
2 files changed, 24 insertions, 0 deletions
diff --git a/playbooks/roles/common/templates/authorized_keys b/playbooks/roles/common/templates/authorized_keys
new file mode 100644
index 0000000..82f2cbb
--- /dev/null
+++ b/playbooks/roles/common/templates/authorized_keys
@@ -0,0 +1,3 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnLAE5TrdYF8QWCSkvgUp15XKcwQJ9393a/CghSo8dG serve@ansible
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINkjxFI9i17i1MQXZUBl99OP7nRURHGFItPaCqkUUQJw serve@ci
+{{ me_lizcoffee_key }}
diff --git a/playbooks/roles/common/templates/sshd_config b/playbooks/roles/common/templates/sshd_config
new file mode 100644
index 0000000..239a0c0
--- /dev/null
+++ b/playbooks/roles/common/templates/sshd_config
@@ -0,0 +1,21 @@
+Include /etc/ssh/sshd_config.d/*.conf
+
+Port 22
+PermitRootLogin no
+PubkeyAuthentication yes
+PasswordAuthentication no
+
+KbdInteractiveAuthentication no
+
+UsePAM yes
+
+AllowAgentForwarding yes
+X11Forwarding no
+PrintMotd no
+PrintLastLog yes
+TCPKeepAlive yes
+ClientAliveInterval 300
+ClientAliveCountMax 1
+
+AcceptEnv LANG LC_*
+Subsystem	sftp	/usr/lib/openssh/sftp-server
author	Elizabeth Hunt <me@liz.coffee>	2025-08-11 18:39:55 -0700
committer	Elizabeth Hunt <me@liz.coffee>	2025-08-11 18:39:55 -0700
commit	08e92ca3b8ee6c38c3e19126378e51b46cf63b16 (patch)
tree	6e9c0e0f394d645cea4208bcfab7e1d98d329e0e /playbooks/roles/common/templates
parent	4f90a2fc5fd134b27c2f0e32a5f1192003d3f0cf (diff)
download	infra-08e92ca3b8ee6c38c3e19126378e51b46cf63b16.tar.gz infra-08e92ca3b8ee6c38c3e19126378e51b46cf63b16.zip