author: Matthew Fennell <matthew@fennell.dev> 2026-01-14 23:11:39 +0000
committer: Matthew Fennell <matthew@fennell.dev> 2026-01-14 23:11:39 +0000
commit: 546a3bb370a8394d133228236a835a0b606ae8a8 (patch)
tree: 6d3c5a80b429cd5032becccbe63401935b57ce78 /files/50unattended-upgrades
parent: 71dff47fe74bd888feb957ee545ba9bdad6fb076 (diff)

Ensure all authorized_keys are copied to host (HEAD, master)

I have two keys, one for interactive access, and one for automated jobs. On migration to the new host, I added the interactive key via the VPS provider's form, but neglected to add the key for automated jobs. This led to the backup jobs failing.

Therefore, define keys in the inventory that should be copied to the host, and ensure they are installed to root. The subsequent step then copies these to the admin account.

There is one problem with this approach: ssh remains open to root. Although privilege escalation from admin is possible, I would like to take steps to reduce root access where possible.

However, the playbook currently has to work both on first run when bootstrapping the box, as well as subsequent runs. On the first run, the playbook only has access to root and must create the admin account. However, once the admin account has been created, the playbook should never again interact with root.

Therefore, in the near future, I'd like to introduce a "bootstrap" action to the playbook, that should only be run on the first deploy to the host, and disable ssh access to root once finished. Subsequent runs should only interact via admin.

Diffstat (limited to 'files/50unattended-upgrades')
0 files changed, 0 insertions, 0 deletions