xpk/ansible.role.users
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
6fdb3702981bcf1d31feff0cccbc0747b1e6886c
ansible.role.users/tasks/main.yml
T
xpk 6fdb370298 ENH: added sudoers validation
2020-02-21 14:14:09 +08:00

35 lines
928 B
YAML
Raw Blame History

---
- name: create ssh_access group
group:
name: ssh_access
state: present
- name: Create user
user:
name: "{{ item }}"
shell: /bin/bash
groups: "{{ group }},ssh_access"
password: "{{lookup('password', 'cred.' + item + '.pass chars=ascii_letters,digits,hexdigitsi length=15') | password_hash('sha512')}}"
loop: "{{ userlist }}"
- name: Add user to sudoers
lineinfile:
path: "/etc/sudoers.d/{{item}}"
create: yes
line: "{{ item }} ALL=(ALL) NOPASSWD: ALL"
mode: 0440
validate: visudo -cf %s
when: sudoers
loop: "{{ userlist }}"
- name: Display generated password
debug:
msg: "Generated password for {{ item }}: {{lookup('password', 'cred.' + item + '.pass chars=ascii_letters,digits,hexdigitsi length=15')}}"
loop: "{{ userlist }}"
- name: Remove password files created by ansible
file:
path: cred.{{item}}.pass
state: absent
loop: "{{ userlist }}"
Reference in New Issue View Git Blame Copy Permalink