|
@@ -26,8 +26,8 @@
|
26
|
26
|
- name: Generate a timed-based, no reuse, rate-limited (3 logins per 30 seconds) with one concurrently valid code for default user
|
27
|
27
|
command: /usr/bin/google-authenticator -t -f -d --label="{{ main_user_name }}@{{ domain }}" --qr-mode=ANSI -r 3 -R 30 -w 1 --secret=/home/{{ main_user_name }}/.google_authenticator
|
28
|
28
|
creates=/home/{{ main_user_name }}/.google_authenticator
|
29
|
|
- sudo: yes
|
30
|
|
- sudo_user: "{{ main_user_name }}"
|
|
29
|
+ become: yes
|
|
30
|
+ become_user: "{{ main_user_name }}"
|
31
|
31
|
when: ansible_ssh_user != "vagrant"
|
32
|
32
|
|
33
|
33
|
- name: Retrieve generated keys from server
|