aboutsummaryrefslogtreecommitdiffstats
path: root/fdio.infra.ansible/roles/user_add
diff options
context:
space:
mode:
authorpmikus <pmikus@cisco.com>2021-05-05 14:56:45 +0000
committerPeter Mikus <pmikus@cisco.com>2021-05-11 12:09:01 +0000
commit78a8427cc50c137e5d59ad3448ae128fdda369b2 (patch)
treecac13b10bf90af6f271e5a38f17f8254e64a5e9f /fdio.infra.ansible/roles/user_add
parent6c70887b91dd02d5c7bba0df61c2503db97abc6d (diff)
Infra: Backend infra upgrade
Signed-off-by: pmikus <pmikus@cisco.com> Change-Id: If1e659339f0d25ebcaab4388745c62aa0852abb3
Diffstat (limited to 'fdio.infra.ansible/roles/user_add')
-rw-r--r--fdio.infra.ansible/roles/user_add/tasks/main.yaml19
1 files changed, 4 insertions, 15 deletions
diff --git a/fdio.infra.ansible/roles/user_add/tasks/main.yaml b/fdio.infra.ansible/roles/user_add/tasks/main.yaml
index f980aff84d..e2ef63db48 100644
--- a/fdio.infra.ansible/roles/user_add/tasks/main.yaml
+++ b/fdio.infra.ansible/roles/user_add/tasks/main.yaml
@@ -22,27 +22,16 @@
with_subelements:
- "{{ users }}"
- ssh_key
- - skip_missing: yes
+ - skip_missing: true
tags:
- user-add-conf
-- name: Conf - Allow Password Login
+- name: Conf - Disable Password Login
lineinfile:
dest: "/etc/ssh/sshd_config"
- regexp: "^PasswordAuthentication no"
- line: "PasswordAuthentication yes"
+ regexp: "^PasswordAuthentication yes"
+ line: "PasswordAuthentication no"
notify:
- "Restart SSHd"
tags:
- user-add-conf
-
-- name: Conf - Add Visudo Entry
- lineinfile:
- dest: "/etc/sudoers"
- state: present
- line: "{{ item.username }} ALL=(ALL) NOPASSWD: ALL"
- validate: "visudo -cf %s"
- with_items: "{{ users }}"
- tags:
- - user-add-conf
-