xpk/ansible.role.users
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
xpk
2019-01-21 18:51:25 +08:00
commit 87957c15b5
2 changed files with 63 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+49
View File
@@ -0,0 +1,49 @@
# users ansible role.
Create user and optionally put user into sudoers. By default, user is added to ssh_access group.
## Required variables:
user:
name: john
group: clientadmin
pwhash: sha512 hash
sudoers: yes/no
## Usage:
Create a playbook like this
```
---
- name: create user rs-test1
hosts: test1
become: yes
roles:
- role: users
vars:
user:
name: rs-test1
group: clientadmin
pwhash: "$6$fqpO..."
sudoers: yes
```
## How to generate pwhash
```mkpasswd -m sha-512```
or use the following python script which generates random password and a hash at the same time
```
#!/usr/bin/env python3
import string
import crypt
import threading
from random import *
characters = string.ascii_letters + "~@#$%^&*()-_+=23456789"
def genOne():
password = "".join(choice(characters) for x in range(randint(10, 15)));
salt = crypt.mksalt(method=crypt.METHOD_SHA512);
print (password, "|", crypt.crypt(password,salt=salt));
for i in range(4):
threading.Thread(target=genOne, args=()).start()
```
tasks/main.yml
+14
View File
@@ -0,0 +1,14 @@
- name: Create user {{ user.name }}
user:
name: "{{ user.name }}"
shell: /bin/bash
groups: "{{ user.group }},ssh_access"
password: "{{ user.pwhash }}"
- name: Add user to sudoers
lineinfile:
path: "/etc/sudoers.d/{{ user.name }}"
create: yes
line: "{{ user.name }} ALL=(ALL) NOPASSWD: ALL"
when: user.sudoers