nabarun
65be098ce9
Part of [Service Provider Setup](https://www.notion.so/Service-provider-setup-a09e2207e1f34f3a847f7ce9713b7ac5) - Move user setup playbook to separate directory - Remove unneeded variables Co-authored-by: Adw8 <adwaitgharpure@gmail.com> Reviewed-on: #14
47 lines
1.2 KiB
YAML
47 lines
1.2 KiB
YAML
- name: Configure system
|
|
hosts: deployment_host
|
|
become: yes
|
|
|
|
vars_files:
|
|
- user-vars.yml
|
|
|
|
tasks:
|
|
- name: Create a user
|
|
user:
|
|
name: "{{ username }}"
|
|
password: "{{ '{{ password }}' | password_hash('sha512') }}"
|
|
shell: /bin/bash
|
|
state: present
|
|
|
|
- name: Add user to sudoers group
|
|
user:
|
|
name: "{{ username }}"
|
|
groups: sudo
|
|
append: yes
|
|
|
|
- name: Ensure .ssh directory exists for user
|
|
file:
|
|
path: /home/{{ username }}/.ssh
|
|
state: directory
|
|
owner: "{{ username }}"
|
|
group: "{{ username }}"
|
|
mode: '0700'
|
|
|
|
- name: Append SSH public key to authorized_keys
|
|
lineinfile:
|
|
path: /home/{{ username }}/.ssh/authorized_keys
|
|
line: "{{ lookup('file', path_to_ssh_key) }}"
|
|
create: yes
|
|
owner: "{{ username }}"
|
|
group: "{{ username }}"
|
|
mode: '0600'
|
|
state: present
|
|
|
|
- name: Add user to sudoers for passwordless sudo
|
|
lineinfile:
|
|
path: /etc/sudoers
|
|
state: present
|
|
regexp: '^{{ username }} ALL=\(ALL\) NOPASSWD:ALL'
|
|
line: '{{ username }} ALL=(ALL) NOPASSWD:ALL'
|
|
validate: 'visudo -cf %s'
|