--- - hosts: all gather_facts: no serial: 1 vars: # List(!) of SSH keys for authorized_keys. Set here or in group_vars/all.yml #ssh_keys: [] cmdline_python: alpine: - "apk add -U python3" centos: &cmdline_python_centos - "yum clean all" - "yum makecache" - "yum install -y python3 || true" debian: &cmdline_python_debian - "apt-get -y update" - "apt-get install -y python3 python3-apt" devuan: *cmdline_python_debian fedora: *cmdline_python_centos opensuse: - "zypper --gpg-auto-import-keys --no-gpg-checks -n refresh" - "zypper --gpg-auto-import-keys --no-gpg-checks -n install python3" ubuntu: *cmdline_python_debian voidlinux: - "xbps-install -Suy python3 libgcc" ssh_package_name: opensuse: openssh voidlinux: openssh ssh_service_name: devuan: ssh tasks: - name: End for non-LXContainer meta: end_host when: inventory_hostname in groups.lxc_hosts - name: Create LXContainer lxc_container: name: "{{ inventory_hostname }}" state: started template: download template_options: "-a amd64 -d {{ os_d }} -r {{ os_r }} --no-validate" config: /etc/lxc/ansible.conf register: lxc_created delegate_to: "{{ ansible_host|default('localhost') }}" - pause: seconds: 10 when: lxc_created is changed - name: Raw-Install Python raw: "{{ item }}" loop: "{{ cmdline_python[os_d] }}" - setup: - name: Set root password shell: "echo root:root | chpasswd -c SHA256" - name: Install SSH package: name: "{{ ssh_package_name[os_d]|default('openssh-server') }}" state: latest - name: "Set «PermitRootLogin» to «yes»" lineinfile: dest: /etc/ssh/sshd_config regexp: '^#? *PermitRootLogin' line: "PermitRootLogin yes" backup: yes notify: "Restart SSH" - name: Enable SSH service: name: "{{ ssh_service_name[os_d]|default('sshd') }}" enabled: yes - name: Start SSH service: name: "{{ ssh_service_name[os_d]|default('sshd') }}" state: started ignore_errors: yes - name: Add SSH keys authorized_key: user: root key: "{{ item }}" loop: "{{ ssh_keys }}" handlers: - name: Restart SSH service: name: "{{ ssh_service_name[os_d]|default('sshd') }}" state: restarted