2023-03-22 21:40:01 +00:00
|
|
|
---
|
2023-03-22 21:41:01 +00:00
|
|
|
# task/create_user file for provision_ansible_user
|
2023-03-23 22:17:24 +00:00
|
|
|
- name: "Create user {{ provision_ansible_user_name }}"
|
|
|
|
|
ansible.builtin.user:
|
|
|
|
|
name: "{{ provision_ansible_user_name }}"
|
|
|
|
|
comment: "Ansible service user"
|
|
|
|
|
password: "{{ provision_ansible_user_password }}"
|
|
|
|
|
shell: "{{ provision_ansible_user_shell }}"
|
|
|
|
|
system: "{{ provision_ansible_user_is_system }}"
|
|
|
|
|
create_home: true
|
2023-03-24 22:40:02 +00:00
|
|
|
|
|
|
|
|
- name: "Add user to sudoers"
|
|
|
|
|
ansible.builtin.copy:
|
|
|
|
|
dest: "/etc/sudoers.d/{{ provision_ansible_user_name }}"
|
|
|
|
|
mode: 0640
|
|
|
|
|
content: "{{ provision_ansible_user_name }} ALL=(ALL) NOPASSWD: ALL"
|
|
|
|
|
|
|
|
|
|
- name: "Add key to authorized_keys"
|
|
|
|
|
user: "{{ provision_ansible_user_name }}"
|
|
|
|
|
key: "{{ provision_ansible_user_ssh_key }}"
|
|
|
|
|
comment: "ansible@{{ ansible_hostname }}"
|
|
|
|
|
key_options: "{{ provision_ansible_user_ssh_key_options }}"
|
|
|
|
|
exclusive: "{{ provision_ansible_user_ssh_key_exclusive }}"
|
