Diffstat (limited to 'roles/guest-configure/tasks/user.yml')
-rw-r--r--roles/guest-configure/tasks/user.yml52
1 files changed, 52 insertions, 0 deletions
diff --git a/roles/guest-configure/tasks/user.yml b/roles/guest-configure/tasks/user.yml
new file mode 100644
index 0000000..c0e418b
--- /dev/null
+++ b/roles/guest-configure/tasks/user.yml
@@ -0,0 +1,52 @@
+- name: Create user
+ ansible.builtin.user:
+ name: "{{ guest_configure_user }}"
+
+- name: RedHat block
+ block:
+ - name: Add user to sudo group (RedHat)
+ ansible.builtin.user:
+ name: "{{ guest_configure_user }}"
+ groups: "wheel"
+ append: yes
+
+ - name: Allow wheel group nopasswd in sudoers (RedHat)
+ lineinfile:
+ path: /etc/sudoers
+ state: present
+ regexp: '^%wheel'
+ line: '%wheel ALL=(ALL) NOPASSWD: ALL'
+ validate: 'visudo -cf %s'
+ when: ansible_os_family == "RedHat"
+
+- name: Debian block
+ block:
+ - name: Add user to sudo group (Debian)
+ ansible.builtin.user:
+ name: "{{ guest_configure_user }}"
+ groups: "sudo"
+ append: yes
+
+ - name: Allow sudo group nopasswd in sudoers (Debian)
+ lineinfile:
+ path: /etc/sudoers
+ state: present
+ regexp: '^%sudo'
+ line: '%sudo ALL=(ALL) NOPASSWD: ALL'
+ validate: 'visudo -cf %s'
+ when: ansible_os_family == "Debian"
+
+- name: Create user .ssh folder
+ ansible.builtin.file:
+ path: "/home/{{ guest_configure_user }}/.ssh/"
+ state: directory
+ mode: "0700"
+ owner: "{{ guest_configure_user }}"
+
+- name: Copy root ssh authorized_keys key to new user
+ ansible.builtin.copy:
+ src: "/root/.ssh/authorized_keys"
+ dest: "/home/{{ guest_configure_user }}/.ssh/authorized_keys"
+ remote_src: yes
+ mode: "0600"
+ owner: "{{ guest_configure_user }}"
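Review bot: The two `lineinfile` tasks ("Allow wheel group nopasswd in sudoers (RedHat)" and "Allow sudo group nopasswd in sudoers (Debian)") grant `NOPASSWD: ALL` to the whole wheel/sudo group by rewriting the group line in /etc/sudoers, so any other account already in that group on the guest gets passwordless root too, not only `guest_configure_user`. A drop-in under /etc/sudoers.d scoped to that one user, mode 0440 and validated with visudo, limits the grant and leaves the distribution's main file alone; a sketch follows. It assumes the guest's sudoers includes /etc/sudoers.d (the usual default on both families, but confirm for the images in use) and that the user name contains no `.`, since sudo skips drop-in files with a dot in the name. With that in place, the group-membership tasks and the OS-family split are only needed if group membership itself is wanted.

```yaml
# … unchanged: "Create user" task …

- name: Allow guest user passwordless sudo via drop-in
  ansible.builtin.copy:
    dest: "/etc/sudoers.d/{{ guest_configure_user }}"
    content: "{{ guest_configure_user }} ALL=(ALL) NOPASSWD: ALL\n"
    owner: root
    group: root
    mode: "0440"
    validate: 'visudo -cf %s'

# … unchanged: .ssh directory and authorized_keys tasks …
```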