Since Gitea servers may be exposed directly to the Internet, it is important to prevent SSH tunneling, lest the server become an ingress point into the network. Additionally, the *gitea* user should not be allowed to use password authentication, as this would only work if the user actually has a password (which it does not) and would result in shell access instead of Gitea.
11 lines
148 B
YAML
```yaml
- hosts: gitea
  roles:
  - apache
  - gitea
  - sshd
  tasks:
  - name: ensure apache is running
    service:
      name=httpd
      state=started
```
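The two restrictions described above (no forwarding and no password authentication for the *gitea* user) can be checked against an `sshd_config` file. The following is an added example, not code from this repository; it assumes the restrictions are expressed with the OpenSSH keywords `AllowTcpForwarding` and `PasswordAuthentication` inside a `Match User` block, and the function names and sample configurations are constructed for illustration.

```python
# Added example: audit sshd_config text for the restrictions on the gitea user.
# Simplification (assumption): only "Match User <list>" blocks are understood;
# other Match criteria, patterns and Include files are ignored.
REQUIRED = {"allowtcpforwarding": "no", "passwordauthentication": "no"}
DEFAULTS = {"allowtcpforwarding": "yes", "passwordauthentication": "yes"}  # OpenSSH defaults


def effective_settings(config_text, user):
    """Return the values that apply to `user` for the REQUIRED keywords."""
    global_opts, match_opts = {}, {}
    section = global_opts                      # lines before the first Match are global
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "match":
            crit = value.split()
            applies = (len(crit) == 2 and crit[0].lower() == "user"
                       and user in crit[1].split(","))
            section = match_opts if applies else {}   # discard blocks for others
            continue
        section.setdefault(keyword, value.lower())    # first value obtained wins
    # A matching block overrides the global section, which overrides the default.
    return {k: match_opts.get(k, global_opts.get(k, DEFAULTS[k])) for k in REQUIRED}


def audit(config_text, user="gitea"):
    """Return a list of findings; an empty list means both restrictions hold."""
    eff = effective_settings(config_text, user)
    return [f"{k} is '{eff[k]}' for {user}, expected '{want}'"
            for k, want in REQUIRED.items() if eff[k] != want]


# Constructed sample configurations (not taken from the repository).
WEAK = "PasswordAuthentication yes\nMatch User gitea\n    X11Forwarding no\n"
HARDENED = (
    "PasswordAuthentication yes\n"
    "Match User git,gitea\n"
    "    AllowTcpForwarding no\n"
    "    PasswordAuthentication no\n"
    "Match User backup\n"
    "    AllowTcpForwarding yes\n"
)

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(text) or "ok")
```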