aboutsummaryrefslogtreecommitdiffstats
path: root/resources/tools/testbed-setup/ansible/roles/user_add
diff options
context:
space:
mode:
authorpmikus <pmikus@cisco.com>2020-05-20 10:07:36 +0000
committerPeter Mikus <pmikus@cisco.com>2020-05-21 15:10:26 +0000
commitc180acb883d659136a96fa989c85d9b045eea467 (patch)
treeba661a41d51f69b25d8b3250f50a85c3941948c0 /resources/tools/testbed-setup/ansible/roles/user_add
parenta6ed764aecf2983a759931cc8d4bef161045d062 (diff)
Infra: Ansible Nomad
Signed-off-by: pmikus <pmikus@cisco.com> Change-Id: Icc03bf62d8639f603ca90aa6ab849a46dc911d56
Diffstat (limited to 'resources/tools/testbed-setup/ansible/roles/user_add')
-rw-r--r--resources/tools/testbed-setup/ansible/roles/user_add/defaults/main.yaml8
-rw-r--r--resources/tools/testbed-setup/ansible/roles/user_add/handlers/main.yaml5
-rw-r--r--resources/tools/testbed-setup/ansible/roles/user_add/tasks/main.yaml40
3 files changed, 37 insertions, 16 deletions
diff --git a/resources/tools/testbed-setup/ansible/roles/user_add/defaults/main.yaml b/resources/tools/testbed-setup/ansible/roles/user_add/defaults/main.yaml
index 9e5aaf272c..56f5098f12 100644
--- a/resources/tools/testbed-setup/ansible/roles/user_add/defaults/main.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/user_add/defaults/main.yaml
@@ -1,5 +1,11 @@
---
# file: roles/user_add/defaults/main.yaml
-user_pass: "$6$zpBUdQ4q$P2zKclumvCndWujgP/qQ8eMk3YZk7ESAom04Fqp26hJH2jWkMXEX..jqxzMdDLJKiDaDHIaSkQMVjHzd3cRLs1"
+# Default shell for a user if none is specified.
+users_shell: /bin/bash
+# Default create home dirs for new users.
+users_create_homedirs: true
+
+# Default list of users to create.
+users: []
diff --git a/resources/tools/testbed-setup/ansible/roles/user_add/handlers/main.yaml b/resources/tools/testbed-setup/ansible/roles/user_add/handlers/main.yaml
index e6b7d82844..960f573b48 100644
--- a/resources/tools/testbed-setup/ansible/roles/user_add/handlers/main.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/user_add/handlers/main.yaml
@@ -1,10 +1,7 @@
---
# file: roles/user_add/handlers/main.yaml
-- name: Restart sshd
+- name: Restart SSHd
service:
name: sshd
state: restarted
- tags:
- - restart-sshd
-
diff --git a/resources/tools/testbed-setup/ansible/roles/user_add/tasks/main.yaml b/resources/tools/testbed-setup/ansible/roles/user_add/tasks/main.yaml
index 2672996202..8323284261 100644
--- a/resources/tools/testbed-setup/ansible/roles/user_add/tasks/main.yaml
+++ b/resources/tools/testbed-setup/ansible/roles/user_add/tasks/main.yaml
@@ -1,31 +1,49 @@
---
# file: roles/user_add/tasks/main.yaml
-- name: Add testuser account
+- name: Conf - Add User
user:
- name: "testuser"
+ append: "{{ item.append | default(omit) }}"
+ createhome: "{{ 'yes' if users_create_homedirs else 'no' }}"
+ generate_ssh_key: "{{ item.generate_ssh_key | default(omit) }}"
+ group: "{{ item.group | default(item.username) }}"
+ groups: "{{ item.groups | join(',') if 'groups' in item else '' }}"
+ name: "{{ item.username }}"
+ password: "{{ item.password if item.password is defined else '!' }}"
+ shell: "{{ item.shell if item.shell is defined else users_shell }}"
state: present
- shell: "/bin/bash"
- password: "{{ user_pass }}"
+ with_items: "{{ users }}"
tags:
- - add-user
+ - user-add-conf
-- name: Allow password login
+- name: Conf - SSH keys
+ authorized_key:
+ user: "{{ item.0.username }}"
+ key: "{{ item.1 }}"
+ with_subelements:
+ - "{{ users }}"
+ - ssh_key
+ - skip_missing: yes
+ tags:
+ - user-add-conf
+
+- name: Conf - Allow Password Login
lineinfile:
dest: "/etc/ssh/sshd_config"
regexp: "^PasswordAuthentication no"
line: "PasswordAuthentication yes"
notify:
- - "Restart sshd"
+ - "Restart SSHd"
tags:
- - allow-password-login
+ - user-add-conf
-- name: Add visudo entry
+- name: Conf - Add Visudo Entry
lineinfile:
dest: "/etc/sudoers"
state: present
- line: "testuser ALL=(ALL) NOPASSWD: ALL"
+ line: "{{ item.username }} ALL=(ALL) NOPASSWD: ALL"
validate: "visudo -cf %s"
+ with_items: "{{ users }}"
tags:
- - allow-sudo
+ - user-add-conf