Handle root

defaults/main.yml

@@ -33,10 +33,12 @@ swap_on: true
 swap_file: /swapfile
 #block size * block count = swap size (Bytes)
 swap_block_size: 1024
-swap_block_count: 1048576
+swap_block_count: 2097152
+# Default is 2GB of swapfile
 
 
 ## USER + GROUPS
+root_user_cred: MyVeryStrongPassword
 shared_group: "{{ cloud_name }}"
 default_groups:
   - "ssh"

tasks/main.yml

@@ -1,13 +1,4 @@
 ---
-- name: Limit access to cloud home only for root
-  file:
-    state: directory
-    path: "{{ cloud_home }}"
-    owner: root
-    group: root
-    mode: 0700
-    recurse: yes
-
 - name: Install basic apps via apt
   apt:
     update_cache: yes
@@ -30,7 +21,6 @@
 - name: Setup and configure fail2ban service
   import_tasks: fail2ban.yml
 
-
 - name: Setup mount points
   import_tasks: mount.yml
 

tasks/users.yml

@@ -1,4 +1,9 @@
 ---
+- name: Adjust root password
+  user:
+    name: root
+    password: "{{ root_user_cred }}"
+
 - name: list active users
   shell: grep -v "nologin" /etc/passwd | cut -f 1 -d ":"
   changed_when: false