79 lines
3 KiB
YAML
79 lines
3 KiB
YAML
- name: Add users, make them passwordless sudoers and download their ssh keys
|
|
hosts:
|
|
- lxc
|
|
- full_os
|
|
gather_facts: false
|
|
|
|
vars:
|
|
mhrebik_keys:
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOH/TlOb8TAXiMhN8u7VNqPC7W2hrhygm/1BZBZZp0qo
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAUkzs5GNd3Ocxb6cYFU5uFqlUrbgzeJaov4VM6HliFO
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGb8+AbE+2LUmgDft/Z79aH+qDWWLomRes4PPJlaE7ad
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6Dz6emnU+kRT7mh26QP0j3UL9mT33h+B6iCTh4Wb2L
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOnPnJlE2yYvOt4v8W9LA3ZzgSj1T5zCPdcqryYfdKiN
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOZ11i0NL5kxdVf8kWNYzVSZwC2pmxTnV1xxxXWuo//6
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKwVRpRO4f00zBQ1Ju9hInJwVuP/Iq0QDWBE4S1R2S33
|
|
|
|
matty_keys:
|
|
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqgwteN2X+a3n/6CqbNHkOyRn9QZ0rMP+xvMaNmeamGQ12KFs8E47hStIgnb3UOfgUDgJ93GYcAJWr/ipcXNqOjZDcrQ/QImcUrbOfYasaTIVUtKXjHX/Q1gM7ESMhHi9iWPAKXB4pxPzCnnn95uFRM7w9uq/lw7P+ISPN7hc6UONAzYCaQN9Nc4NUaj048PWx+TjSJFbEGgOlmKDSDRUxTbm1cI1vnH0WmO3TnmDFjDOgt33FrPaNdQ22qf+IULCPruz2RQZYhLEhh2PFtgeKOxVx+8R5SlMG4jm39E7GxP60W6XpsggiwrD63QNi8KdGd6ZBVk4bQLZ2PCPH42S63oSC0tu9KeyDxdgJkmsP9g9UiEbrGVy0zC9njj+mJvbIcrJ3aee2QpjFy/3lMT+WOicu6j9mCFi2NWDU37gsnEVIy2eegO6mpOmQ6QlZv1YMesz0V3gz+tlP9HKKXCb9Ex5LCPscO4nZTAModj3fh5kItlbImsVEUgPYcXa901k=
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ96BSOF6J/WI4x31X7DMl/WmF6Rp6gYojBg0BZEw4wt
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBurNtP4P/pYGIKBDT5Kup/r/tEv8A+ntUOL6zKpzIQO
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFXXLYPnOPYDug9WYZtwoyRci2kCsaEg/5EeYsYeV3w
|
|
|
|
tasks:
|
|
- name: Create the sudo_passwordless group
|
|
ansible.builtin.group:
|
|
name: sudo_passwordless
|
|
state: present
|
|
|
|
- name: Create user "mhrebik"
|
|
ansible.builtin.user:
|
|
name: "mhrebik"
|
|
groups:
|
|
- sudo_passwordless
|
|
append: true
|
|
password: "$y$j9T$lFmEIGHoVlJMj8lklmG/O0$Cxh4sTsBk8FUgMqbJBqIee58hg8r4kXcv4/P1UDZMmD"
|
|
|
|
- name: Create user matty
|
|
ansible.builtin.user:
|
|
name: "matty"
|
|
groups:
|
|
- sudo_passwordless
|
|
append: true
|
|
password: "$y$j9T$UC70HSbFYAg7I306Q204R.$Jfvjvhrw.UIPL9WI6pX7LdWvuvJS1VH3DJT6EFHQ/XB"
|
|
|
|
- name: Create user Kandertova
|
|
ansible.builtin.user:
|
|
name: "mhrebik"
|
|
groups:
|
|
- sudo_passwordless
|
|
append: true
|
|
password: "$y$j9T$46ejfvmwiL46oswXXNjLg.$AfjG8EKB0DzjBPuC7luLhxY/iDmzkQlHWvc6mgx6Jw0"
|
|
|
|
- name: Allow passwordless sudo for the group in sudoers
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/sudoers
|
|
state: present
|
|
line: '%sudo_passwordless ALL=(ALL) NOPASSWD: ALL'
|
|
validate: 'visudo -cf %s'
|
|
|
|
- name: Add mhrebik keys
|
|
ansible.builtin.authorized_key:
|
|
user: mhrebik
|
|
key: "{{ item }}"
|
|
with_items: mhrebik_keys
|
|
|
|
- name: Add matty keys
|
|
ansible.builtin.authorized_key:
|
|
user: matty
|
|
key: "{{ item }}"
|
|
with_items: matty_keys
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|