vm-ansible/roles/common/tasks/user-ops.yaml

---
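# Make sure the ansible account has an SSH directory, owned by that account,
# before its authorized_keys file is copied in by the next task.
- name: Create .ssh directory of ansible user
  file:
    path: /home/ansible@intra.tormakris.dev/.ssh
    state: directory
    owner: ansible@intra.tormakris.dev
    group: "domain users@intra.tormakris.dev"
    # Set the mode explicitly instead of inheriting the umask: the group here
    # is the whole "domain users" group, and nobody but the owner needs to
    # read or traverse the directory holding the account's SSH keys.
    mode: "0700"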
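# Install the authorized_keys file for the ansible account.
# copy replaces the destination with the source file, so the source is the
# complete list of keys allowed to log in as this account; treat a change to
# it as a change to who has access.
# NOTE(review): src is a bare file name, presumably resolved from the role's
# files/ directory - confirm.
- name: Copy authorized_keys
  copy:
    src: authorized_keys
    dest: /home/ansible@intra.tormakris.dev/.ssh/authorized_keys
    owner: ansible@intra.tormakris.dev
    group: "domain users@intra.tormakris.dev"
    # Quoted so the value stays the octal string 0600 (owner read/write only)
    # whatever integer rules the YAML parser applies to a bare 0600.
    mode: "0600"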
# Probe /etc/sudoers for a line starting with %linuxadmins without editing
# the file: state=absent makes lineinfile count the matching lines, and
# check_mode stops it from removing them. The count is returned as "found"
# in the registered result, which the following task tests in its "when".
- name: Check if group is present in sudoers
  lineinfile:
    path: /etc/sudoers
    regexp: '^%linuxadmins'
    state: absent
  # Never report this read-only probe as a change.
  changed_when: false
  check_mode: true
  register: checksudoers
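# Give the linuxadmins directory group sudo rights. Runs only when the
# preceding check registered no line starting with %linuxadmins.
# NOTE(review): NOPASSWD with ALL lets every member of that group run any
# command as any user without a password, so membership of the directory
# group is the only control on root access to this host - confirm that is
# intended and that changes to the group are reviewed.
- name: Define group in sudoers
  lineinfile:
    path: /etc/sudoers
    state: present
    line: "%linuxadmins@intra.tormakris.dev ALL=(ALL) NOPASSWD: ALL"
    # Syntax-check the edited copy before it replaces /etc/sudoers; a file
    # that fails to parse leaves sudo unusable for every account.
    validate: "/usr/sbin/visudo -cf %s"
  when: checksudoers.found == 0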
# Add the SSH public keys published at the URL below to the tormakris
# account. The key list is downloaded when the play runs, so whoever can
# change the content served at that URL decides which keys may log in as
# this user; the module validates the HTTPS certificate by default
# (validate_certs), and that default should stay on.
# NOTE(review): "exclusive" is not set, so keys are only added; a key later
# dropped from the URL stays authorized on hosts that already have it.
- name: Update authorized_keys of tormakris
  ansible.posix.authorized_key:
    user: tormakris@intra.tormakris.dev
    key: "https://static.tormakristof.eu/ssh.keys"
    state: present
...