Merge branch 'users'

This commit is contained in:
Stefan Haun 2020-11-24 19:22:00 +01:00
commit 2f688e4adb
4 changed files with 59 additions and 0 deletions

View file

@ -4,6 +4,7 @@
vars: vars:
- server_admin: "admin@netz39.de" - server_admin: "admin@netz39.de"
- admin_users: [tux, alex]
- ag_timezone: Europe/Berlin - ag_timezone: Europe/Berlin
roles: roles:
@ -31,5 +32,8 @@
unattended_package_blacklist: [cowsay] unattended_package_blacklist: [cowsay]
unattended_mail: 'root' unattended_mail: 'root'
- name: Setup users
include_tasks: tasks/users.yml
- name: Setup httpd - name: Setup httpd
include_tasks: tasks/httpd.yml include_tasks: tasks/httpd.yml

48
tasks/users.yml Normal file
View file

@ -0,0 +1,48 @@
---
- name: Add users | create users, shell, home dirs
user:
name: "{{ item }}"
shell: /bin/bash
createhome: yes
comment: 'created with ansible'
password_lock: true
append: true
with_items:
- "{{ admin_users }}"
- name: Create .ssh user directories
file:
path: "{{ '/home/' + item + '/.ssh' }}"
state: directory
mode: "0700"
owner: "{{ item }}"
group: "{{ item }}"
with_items:
- "{{ admin_users }}"
- name: Set authorized keys for users
copy:
src: "{{'users/' + item + '_authorized_keys'}}"
remote_src: no
dest: "{{ '/home/' + item + '/.ssh/authorized_keys' }}"
mode: "0600"
owner: "{{ item }}"
group: "{{ item }}"
with_items:
- "{{ admin_users }}"
- name: Place users in sudo group
user:
name: "{{ item }}"
groups: sudo
append: yes
with_items:
- "{{ admin_users }}"
- name: Configure group sudo for sudoers without password
lineinfile:
path: /etc/sudoers
state: present
regexp: '^%sudo\s'
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
validate: /usr/sbin/visudo -cf %s

View file

@ -0,0 +1,6 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVZPAE3XE8Ek1Ji4sCIHxLVx+bi2qpsTSsYhBqtYysnFn9AHJj14BR59D0Si05sfVkmL4OQoo7Q98oIxy33PgtqoUfgXk9dc7dlsye3t/gsAb25ABnqG/ZYe65nZLN7BzRM1/QZIbd6sSu6eXrNFCh0ikB5se4zgVkDO8t6h2dnz4FvTuIM2Bi/PnIJTqb8+uLQE1vS3A7tTx100ZKXxr81dlo2Y1JBP6WrS1W1IyFiG6wofl2XTY02ssyoENQyR89lLMJYKvm5xlhL/L69gtMsqIX9UBQFk8Rpq04ZIwN6b0K4R142GZvxdJNdQULgtI3gPkKgH7FDoFsRHNA6b/9 adahl@ada
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDvczlb1+9d1BjuLk5ZcQt2Z0Dh61Vg91i47tM48CN2koJ4I/9vgN37l6mnr383zD8kQkXDGmCYpXOa48WocyyUuP3h75DCjANYcWOsohQfFu2F1ZOiiVCGduDntzS2nbZEF2W3nZNLQ6/dKKEeaSxu5RjKflkWakghkMt3H4KN20bxzYzHQMLhRYFEGHpskOqeaXKPkqqEP+u5kToINtmXwegCvQFnlx4fNrysFII79buBNlcLsO1X4ABucVMYT/OJnBpJEfEcNFUKrJZRGgM8aDbUpkV9LRY2lywvoKJhiRMc7x7kK0LWOTdPJri+SJhW6fEW4JKCRTSHVN8OS8S/ alex@buffy
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsGvQ1COtwA4ERf+Z/IMxlw4RadCVKIQzB6v8n20dDM+bfBmTxk7NeSGbdB/vjvUV0Oq47KfDISDAlwhSv0aSpij3d7twPWrFz7eoFWAGO2mnz39btA1i9ygMypsP56NHZDsgokPoCSX3viKyFhh6qgt6cCOJYwLZix4VoFKaQ7GlqoVKAHz9v3r/Lq15oTRcCoqP7FID4Fp1a51fY2XQltALoQnfZVhqpnJB30U0uv79QCAHS5IC75fmRjm1vo/mmu0Kbu4+KfU2+MIpzx2Y6xyntIpB1Nuk9Xn1ptKw1CmgKcNOKNGkKuegripoAHv6oylTjge61ksDPjhAyisNGQ== alex@falbala
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqx9VCxrcbUrGJ9MOTcS0Jq09bZz3gNKL4mvOXhnMhjbt0IrEENcexwVbk4pSHsezz4LKapvqmT+0U4WiCsU/DtwzLlV7Qgbjoo+Buwzll9Hi+xGn6xIHwvAZoltj2IioIIQgRxF+B/mqGaOU2KN/Yq/2ODMGvPj00VQ2+otLX3XrFoUJX5oot7GsonY2RxrSgOhWCosApgt4MxcuKjyS6VS8RDfdNn522VEPlKevUz5gY7sK5cKcAS3j29+VdXpqewa6jcz0KmQroLXFyJzPkTH2lt5AIurojGtZqbkas/TQPSExun9XpkA3gxuwVKD/uLl/R/7ecagNKdl/+Rtsbw== alex@tiffy
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC92+JJ7C0WYgripJ9hSIb2D/QMzw/rMmeFTTcO34DJNAVIQtq9nb8Ev7s8Bjz3VR7/LS4kQlyB6dp1RLuObPYRafY0695lja4lwgy7iY1OAYCNM71OYyyztcoHEz3fGO4tzNx5Z1tI9zLpS1Wr7ENeKOKBqmFIgZno67Gq+NZr3LHNvnvAsbMsZXOdnld0LmG0Um35WEN60UYz3k6QUYBfaYrHnX2OP9auK5QDnd2jVTdNLRbBus7VtIsCfK3szLa+dFyd/ISPCB/YsZj1i0WmO766Y4GqFTZhIZUok4JuU8pl/7Y9CSKRMx4sp/3LYIAyOsL5EJxmg3fEfYsRK0gb alex@toshy
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGmU7MfOFuc6z5Vbwh4CbBFSg19f8B9rUO2ITjgmEvkY alex@lemmy

View file

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvxbl9eiBojG2zKw2eSftwaMpA4XeONJpPK++WBUBJi+4RhvtN+8YX55cGsRlAA2pvW1a6hxjuR/NEA0+EAZ8ueNaOrMJjHvuUSzO76YF1gHlusAbhYvNl4EYZz/lkrFM4oaa/4/WirgUvSKnpPQx2YgX/AEkIwzk6nQLve+NmijkWdWzaww5snjbAEsgo+iEqeLPRfzbxX4Esp8bqFy3qD0SGgJM8iWlUaWCoQI1HhU4lVBtwdR6cJQ3QnmhUidRLOpIpX1sBRM8Cnwc5g2u3OpsaxPd77+5hXtxKjQUby/YLGmr6L2x1tWYqkV+GZA0Lh3fwM0BjDVT/Y/a+HUVh tux@netz39.de