Commit c7613aba authored by Felix's avatar Felix
Browse files

Initial commit

parents
## User creation
* This role creates the user `user` on a system.
* This user will be added to the groups: `docker`, `ssh_login` and `sudo`
* The password will be set accordingly to the provided information from a simple, encrypted KeePass database.
#### You can connect directly with
`ssh -p 2222 user@123.456.789.1`
or use an alias in your `.ssh/config` (recommended):
```
Host asososca
Port 2222
User user
Hostname 123.456.789.1
```
---
- name: ensure important groups exist
group:
name: "{{ item }}"
system: yes
state: present
with_items:
- docker
- ssh_login
- sudo
- name: ensure system user exists
user:
name: "{{ system_user_username }}"
generate_ssh_key: yes # generate default id_rsa
password: "{{ system_user_password|password_hash('sha512') }}"
groups: "ssh_login,sudo,docker"
update_password: on_create
- name: ensure user can use sudo without password
lineinfile:
dest: /etc/sudoers
line: "{{ system_user_username }} ALL= NOPASSWD: ALL"
---
keepass_base_key: "ansible/hosts/{{ ansible_hostname }}"
keepass_key_user: "{{ keepass_base_key }}.username"
keepass_key_pass: "{{ keepass_base_key }}.password"
system_user_username: "{{ lookup('keepass',keepass_key_user) }}"
system_user_password: "{{ lookup('keepass',keepass_key_pass) }}"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment