forked from Netz39_Admin/netz39-infra-ansible
Add tasks for user management
This commit is contained in:
parent
87b531f909
commit
2477896834
1 changed files with 48 additions and 0 deletions
48
tasks/users.yml
Normal file
48
tasks/users.yml
Normal file
|
@ -0,0 +1,48 @@
|
|||
---
|
||||
- name: Add users | create users, shell, home dirs
|
||||
user:
|
||||
name: "{{ item }}"
|
||||
shell: /bin/bash
|
||||
createhome: yes
|
||||
comment: 'created with ansible'
|
||||
password_lock: true
|
||||
append: true
|
||||
with_items:
|
||||
- "{{ admin_users }}"
|
||||
|
||||
- name: Create .ssh user directories
|
||||
file:
|
||||
path: "{{ '/home/' + item + '/.ssh' }}"
|
||||
state: directory
|
||||
mode: "0700"
|
||||
owner: "{{ item }}"
|
||||
group: "{{ item }}"
|
||||
with_items:
|
||||
- "{{ admin_users }}"
|
||||
|
||||
- name: Set authorized keys for users
|
||||
copy:
|
||||
src: "{{'users/' + item + '_authorized_keys'}}"
|
||||
remote_src: no
|
||||
dest: "{{ '/home/' + item + '/.ssh/authorized_keys' }}"
|
||||
mode: "0600"
|
||||
owner: "{{ item }}"
|
||||
group: "{{ item }}"
|
||||
with_items:
|
||||
- "{{ admin_users }}"
|
||||
|
||||
- name: Place users in sudo group
|
||||
user:
|
||||
name: "{{ item }}"
|
||||
groups: sudo
|
||||
append: yes
|
||||
with_items:
|
||||
- "{{ admin_users }}"
|
||||
|
||||
- name: Configure group sudo for sudoers without password
|
||||
lineinfile:
|
||||
path: /etc/sudoers
|
||||
state: present
|
||||
regexp: '^%sudo\s'
|
||||
line: '%sudo ALL=(ALL) NOPASSWD: ALL'
|
||||
validate: /usr/sbin/visudo -cf %s
|
Loading…
Reference in a new issue