From 843ad6659cc0bd6b8baaf2033e680d32a0531b2d Mon Sep 17 00:00:00 2001
From: spmfox
Date: Sat, 10 Jun 2023 22:50:30 -0400
Subject: adding tags, adding guest configuration
---
roles/guest-configure/tasks/user.yml | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 52 insertions(+)
create mode 100644 roles/guest-configure/tasks/user.yml
(limited to 'roles/guest-configure/tasks/user.yml')
diff --git a/roles/guest-configure/tasks/user.yml b/roles/guest-configure/tasks/user.yml
new file mode 100644
index 0000000..c0e418b
--- /dev/null
+++ b/roles/guest-configure/tasks/user.yml
@@ -0,0 +1,52 @@
+- name: Create user
+ ansible.builtin.user:
+ name: "{{ guest_configure_user }}"
+
+- name: RedHat block
+ block:
+ - name: Add user to sudo group (RedHat)
+ ansible.builtin.user:
+ name: "{{ guest_configure_user }}"
+ groups: "wheel"
+ append: yes
+
+ - name: Allow wheel group nopasswd in sudoers (RedHat)
+ lineinfile:
+ path: /etc/sudoers
+ state: present
+ regexp: '^%wheel'
+ line: '%wheel ALL=(ALL) NOPASSWD: ALL'
+ validate: 'visudo -cf %s'
+ when: ansible_os_family == "RedHat"
+
+- name: Debian block
+ block:
+ - name: Add user to sudo group (Debian)
+ ansible.builtin.user:
+ name: "{{ guest_configure_user }}"
+ groups: "sudo"
+ append: yes
+
+ - name: Allow sudo group nopasswd in sudoers (Debian)
+ lineinfile:
+ path: /etc/sudoers
+ state: present
+ regexp: '^%sudo'
+ line: '%sudo ALL=(ALL) NOPASSWD: ALL'
+ validate: 'visudo -cf %s'
+ when: ansible_os_family == "Debian"
+
+- name: Create user .ssh folder
+ ansible.builtin.file:
+ path: "/home/{{ guest_configure_user }}/.ssh/"
+ state: directory
+ mode: "0700"
+ owner: "{{ guest_configure_user }}"
+
+- name: Copy root ssh authorized_keys key to new user
+ ansible.builtin.copy:
+ src: "/root/.ssh/authorized_keys"
+ dest: "/home/{{ guest_configure_user }}/.ssh/authorized_keys"
+ remote_src: yes
+ mode: "0600"
+ owner: "{{ guest_configure_user }}"
-- cgit
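Review bot: The two `lineinfile` tasks in the RedHat and Debian blocks rewrite the `%wheel` / `%sudo` rule in /etc/sudoers to `NOPASSWD: ALL`, which grants passwordless root to every current and future member of that group rather than only to `{{ guest_configure_user }}`. Because the last task also copies root's authorized_keys to the new account, that sudo rule is the only remaining privilege boundary on the guest, so it is worth scoping it to the one user. A per-user drop-in under /etc/sudoers.d, validated with the same `visudo -cf %s`, leaves the distribution's group rule untouched and is the same for both OS families, so the two sudoers tasks collapse into one task outside the `when:` blocks. This assumes the stock `includedir` line is still present in /etc/sudoers and that the user name contains no `.` and does not end in `~`, since sudo skips such drop-in file names.

```yaml
# … unchanged: "Create user" and the per-OS "Add user to sudo group" tasks …

- name: Allow passwordless sudo for the guest user only
  ansible.builtin.lineinfile:
    path: "/etc/sudoers.d/{{ guest_configure_user }}"
    create: true
    owner: root
    group: root
    mode: "0440"
    line: "{{ guest_configure_user }} ALL=(ALL) NOPASSWD: ALL"
    validate: "visudo -cf %s"

# … unchanged: .ssh directory and authorized_keys tasks …
```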