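---
# Bootstraps a dedicated "ansible" deployment account on every targeted host:
# creates the user with an SSH key pair and grants it passwordless sudo through
# a drop-in file under /etc/sudoers.d.
- name: Create required deployment users
  hosts: all
  become: true
  become_method: sudo
  become_user: root

  tasks:
    - name: Create Ansible user
      user:
        name: ansible
        groups: sudo
        expires: -1  # a negative value removes any account expiry
        # NOTE(review): the plaintext password is a literal in this playbook, so
        # anyone who can read the repository knows the credential of an account
        # with unrestricted passwordless sudo. Supply it from an Ansible Vault
        # encrypted variable (or lock the password and rely on SSH keys only).
        password: "{{ 'mypassword' | password_hash('sha512') }}"
        # password_hash() without a fixed salt yields a new hash on every run;
        # on_create stops the task from rewriting the shadow entry each time.
        update_password: on_create
        state: present
        create_home: true
        generate_ssh_key: true
        # NOTE(review): 2048-bit RSA is the commonly accepted minimum; consider
        # a larger RSA key or ed25519 for a long-lived privileged account.
        ssh_key_bits: 2048
        ssh_key_file: .ssh/id_rsa

    # A single task creates and populates the drop-in. The earlier
    # copy-with-empty-content step truncated the file on every run, leaving a
    # window with no sudoers rule; if the play connects as this same account,
    # a failure in that window would leave it without passwordless sudo.
    - name: Add sudoers entry
      lineinfile:
        path: /etc/sudoers.d/ansible
        create: true
        owner: root
        group: root
        mode: "0440"  # conventional read-only mode for sudoers drop-ins
        state: present
        regexp: '^ansible'
        # Grants unrestricted root without a password prompt; the account's
        # SSH key and password are therefore root-equivalent secrets.
        line: 'ansible ALL=(ALL) NOPASSWD: ALL'
        # Syntax-check the candidate file before it replaces the live one.
        validate: 'visudo -cf %s'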