max/netz39-infra-ansible
1
0
Fork 0
forked from Netz39_Admin/netz39-infra-ansible
Code Issues Pull requests Releases Wiki Activity

Add tasks for user management

Browse source
This commit is contained in:
Stefan Haun 2020-11-24 19:21:43 +01:00
parent 87b531f909
commit 2477896834
1 changed files with 48 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

48
tasks/users.yml Normal file
View file

@ -0,0 +1,48 @@
---
- name: Add users | create users, shell, home dirs
user:
name: "{{ item }}"
shell: /bin/bash
createhome: yes
comment: 'created with ansible'
password_lock: true
append: true
with_items:
- "{{ admin_users }}"
- name: Create .ssh user directories
file:
path: "{{ '/home/' + item + '/.ssh' }}"
state: directory
mode: "0700"
owner: "{{ item }}"
group: "{{ item }}"
with_items:
- "{{ admin_users }}"
- name: Set authorized keys for users
copy:
src: "{{'users/' + item + '_authorized_keys'}}"
remote_src: no
dest: "{{ '/home/' + item + '/.ssh/authorized_keys' }}"
mode: "0600"
owner: "{{ item }}"
group: "{{ item }}"
with_items:
- "{{ admin_users }}"
- name: Place users in sudo group
user:
name: "{{ item }}"
groups: sudo
append: yes
with_items:
- "{{ admin_users }}"
- name: Configure group sudo for sudoers without password
lineinfile:
path: /etc/sudoers
state: present
regexp: '^%sudo\s'
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
validate: /usr/sbin/visudo -cf %s