diff options
author | pmikus <pmikus@cisco.com> | 2021-04-08 10:44:18 +0000 |
---|---|---|
committer | Peter Mikus <pmikus@cisco.com> | 2021-04-08 11:17:15 +0000 |
commit | df5672b3d9c29b51397f4770eb992c9f3f3955ce (patch) | |
tree | adb4cf36c9b680ebbc44c953391a0d21b986d6b7 /fdio.infra.ansible/roles/user_add/tasks/main.yaml | |
parent | 8018da98e0f362bc69fc9600fac222a86fd46b5e (diff) |
Ansible git move
+ Better accessibility
+ Compliant with fdio.infra._function_
- function [pxe|terraform|ansible|vagrant]
+ dill==0.3.3 also applied on TBs
- ci-man to follow today
- Docs to be updated in separate patch
Signed-off-by: pmikus <pmikus@cisco.com>
Change-Id: Iff9eaa29d63044188cc8160db2d9b44b7635782a
Diffstat (limited to 'fdio.infra.ansible/roles/user_add/tasks/main.yaml')
-rw-r--r-- | fdio.infra.ansible/roles/user_add/tasks/main.yaml | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/fdio.infra.ansible/roles/user_add/tasks/main.yaml b/fdio.infra.ansible/roles/user_add/tasks/main.yaml new file mode 100644 index 0000000000..f980aff84d --- /dev/null +++ b/fdio.infra.ansible/roles/user_add/tasks/main.yaml @@ -0,0 +1,48 @@ +--- +# file: roles/user_add/tasks/main.yaml + +- name: Conf - Add User + user: + append: "{{ item.append | default(omit) }}" + createhome: "{{ 'yes' if users_create_homedirs else 'no' }}" + generate_ssh_key: "{{ item.generate_ssh_key | default(omit) }}" + groups: "{{ item.groups | join(',') if 'groups' in item else '' }}" + name: "{{ item.username }}" + password: "{{ item.password if item.password is defined else '!' }}" + shell: "{{ item.shell if item.shell is defined else users_shell }}" + state: present + with_items: "{{ users }}" + tags: + - user-add-conf + +- name: Conf - SSH keys + authorized_key: + user: "{{ item.0.username }}" + key: "{{ item.1 }}" + with_subelements: + - "{{ users }}" + - ssh_key + - skip_missing: yes + tags: + - user-add-conf + +- name: Conf - Allow Password Login + lineinfile: + dest: "/etc/ssh/sshd_config" + regexp: "^PasswordAuthentication no" + line: "PasswordAuthentication yes" + notify: + - "Restart SSHd" + tags: + - user-add-conf + +- name: Conf - Add Visudo Entry + lineinfile: + dest: "/etc/sudoers" + state: present + line: "{{ item.username }} ALL=(ALL) NOPASSWD: ALL" + validate: "visudo -cf %s" + with_items: "{{ users }}" + tags: + - user-add-conf + |