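---
# Intended to be called on a fresh box, just to set up my users.
#
# Expects three variables: password, public_ssh_key and private_ssh_key.
# All three are credentials or identity material; supply them from an
# encrypted source such as Ansible Vault rather than a plain-text vars file
# or -e on the command line (which lands in shell history).
- name: Add the fdamstra account
  # Runs against every host in the inventory; narrow with --limit when only
  # one new box should receive the account and keys.
  hosts: all
  become: true
  become_user: root
  tasks:
    - name: Create fdamstra user
      ansible.builtin.user:
        name: fdamstra
        state: present
        comment: Fred Damstra
        shell: /bin/bash
        append: true  # add groups, not replace
        groups:
          - sudo
        home: /home/fdamstra
        # The user module writes this value verbatim as the password hash,
        # so `password` must already be a crypt(3) hash (for example the
        # output of the password_hash filter), never the cleartext.
        password: "{{ password }}"
        # Only set the password when the account is first created; later
        # runs leave an existing password untouched.
        update_password: on_create

    # With manage_dir at its default this task also creates ~/.ssh, which
    # the two key-copy tasks further down rely on.
    - name: Create authorized key
      ansible.posix.authorized_key:
        user: fdamstra
        state: present
        key: "{{ public_ssh_key }}"

    # NOTE(review): this rule gives passwordless root to every member of the
    # sudo group, not only fdamstra, so any account later added to that
    # group inherits it. Scope the rule to the user if that is not intended.
    - name: Set nopassword for sudo group
      ansible.builtin.lineinfile:
        path: /etc/sudoers.d/20-sudo-group-nopasswd
        line: '%sudo ALL=(ALL) NOPASSWD: ALL'
        state: present
        # sudo ignores drop-in files that are not owned by root; state the
        # ownership explicitly instead of relying on the become user.
        owner: root
        group: root
        mode: '0440'
        create: true
        # Syntax-check the candidate file before it replaces the real one,
        # so a typo cannot lock everyone out of sudo.
        validate: 'visudo -cf %s'

    - name: Install public key
      ansible.builtin.copy:
        dest: /home/fdamstra/.ssh/id_ed25519.pub
        content: "{{ public_ssh_key }}"
        mode: '0644'
        owner: fdamstra

    # NOTE(review): the same private key is written to every targeted host,
    # so compromise of any one of them exposes the identity everywhere it is
    # trusted. Per-host keys or agent forwarding avoid storing it at rest.
    - name: Install private key
      ansible.builtin.copy:
        dest: /home/fdamstra/.ssh/id_ed25519
        content: "{{ private_ssh_key }}"
        mode: '0600'
        owner: fdamstra
      # Keep the key material out of task output, --diff output and any
      # log or callback plugin that records results.
      no_log: true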