copy/paste cleanup
This commit is contained in:
parent
28f1381966
commit
23901fb6a7
@ -1,10 +1,10 @@
|
|||||||
---
|
---
|
||||||
# defaults file for provision_management_user
|
# defaults file for provision_management_user
|
||||||
provision_management_user_name: ansible
|
provision_management_user_name: ubuntu
|
||||||
provision_management_user_group: ansible
|
provision_management_user_group: ubuntu
|
||||||
provision_management_user_password: "*"
|
provision_management_user_password: "*"
|
||||||
provision_management_user_is_system: true
|
provision_management_user_is_system: false
|
||||||
provision_management_user_home: /opt/{{ provision_management_user_name }}
|
provision_management_user_home: /home/{{ provision_management_user_name }}
|
||||||
provision_management_user_shell: /bin/bash
|
provision_management_user_shell: /bin/bash
|
||||||
provision_management_user_sudoer: false
|
provision_management_user_sudoer: false
|
||||||
provision_management_user_add_ssh_key: false
|
provision_management_user_add_ssh_key: false
|
||||||
|
@ -1,9 +1,9 @@
|
|||||||
---
|
---
|
||||||
# task/add_ssh_keys file for provision_ansible_user
|
# task/add_ssh_keys file for provision_management_user
|
||||||
- name: "Add key to authorized_keys"
|
- name: "Add key to authorized_keys"
|
||||||
ansible.posix.authorized_key:
|
ansible.posix.authorized_key:
|
||||||
user: "{{ provision_ansible_user_name }}"
|
user: "{{ provision_management_user_name }}"
|
||||||
key: "{{ provision_ansible_user_ssh_key }}"
|
key: "{{ provision_management_user_ssh_key }}"
|
||||||
comment: "{{ provision_ansible_user_name }}@{{ ansible_hostname }}"
|
comment: "{{ provision_management_user_name }}@{{ ansible_hostname }}"
|
||||||
key_options: "{{ provision_ansible_user_ssh_key_options }}"
|
key_options: "{{ provision_management_user_ssh_key_options }}"
|
||||||
exclusive: "{{ provision_ansible_user_ssh_key_exclusive }}"
|
exclusive: "{{ provision_management_user_ssh_key_exclusive }}"
|
||||||
|
@ -1,27 +1,27 @@
|
|||||||
---
|
---
|
||||||
# task/create_user file for provision_ansible_user
|
# task/create_user file for provision_management_user
|
||||||
- name: "Create group {{ provision_ansible_user_group }}"
|
- name: "Create group {{ provision_management_user_group }}"
|
||||||
ansible.builtin.group:
|
ansible.builtin.group:
|
||||||
name: "{{ provision_ansible_user_group }}"
|
name: "{{ provision_management_user_group }}"
|
||||||
state: present
|
state: present
|
||||||
system: "{{ provision_ansible_user_is_system }}"
|
system: "{{ provision_management_user_is_system }}"
|
||||||
|
|
||||||
- name: "Create user {{ provision_ansible_user_name }}"
|
- name: "Create user {{ provision_management_user_name }}"
|
||||||
ansible.builtin.user:
|
ansible.builtin.user:
|
||||||
name: "{{ provision_ansible_user_name }}"
|
name: "{{ provision_management_user_name }}"
|
||||||
comment: "Ansible service user"
|
comment: "Ansible service user"
|
||||||
password: "{{ provision_ansible_user_password }}"
|
password: "{{ provision_management_user_password }}"
|
||||||
group: "{{ provision_ansible_user_group }}"
|
group: "{{ provision_management_user_group }}"
|
||||||
home: "{{ provision_ansible_user_home }}"
|
home: "{{ provision_management_user_home }}"
|
||||||
shell: "{{ provision_ansible_user_shell }}"
|
shell: "{{ provision_management_user_shell }}"
|
||||||
system: "{{ provision_ansible_user_is_system }}"
|
system: "{{ provision_management_user_is_system }}"
|
||||||
create_home: true
|
create_home: true
|
||||||
|
|
||||||
- name: "Add user to sudoers"
|
- name: "Add user to sudoers"
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
dest: "/etc/sudoers.d/{{ provision_ansible_user_name }}"
|
dest: "/etc/sudoers.d/{{ provision_management_user_name }}"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: 0640
|
mode: 0640
|
||||||
content: "{{ provision_ansible_user_name }} ALL=(ALL) NOPASSWD: ALL"
|
content: "{{ provision_management_user_name }} ALL=(ALL) NOPASSWD: ALL"
|
||||||
when: provision_ansible_user_sudoer
|
when: provision_management_user_sudoer
|
||||||
|
@ -5,4 +5,4 @@
|
|||||||
|
|
||||||
- name: "Import add_ssh_keys.yml"
|
- name: "Import add_ssh_keys.yml"
|
||||||
ansible.builtin.include_tasks: add_ssh_keys.yml
|
ansible.builtin.include_tasks: add_ssh_keys.yml
|
||||||
when: provision_ansible_user_add_ssh_key
|
when: provision_management_user_add_ssh_key
|
||||||
|
Loading…
Reference in New Issue
Block a user