path: root/roles/guest-configure/tasks/user.yml
blob: 2458ccfbb79bf7ea42e14553b23d3d74a396be2c (plain)
# Make sure the guest account exists. No password is set in this task.
- name: Create user
  ansible.builtin.user:
    state: present  # module default, spelled out
    name: "{{ guest_configure_user }}"

# Change the login shell only when a non-empty shell was supplied; an empty
# guest_configure_user_shell leaves whatever shell the account already has.
# The length filter assumes the variable is always defined -- presumably by
# the role defaults, which are not visible from this file.
- name: Set user shell (if defined)
  when:
    - guest_configure_user_shell | length > 0
  ansible.builtin.user:
    shell: "{{ guest_configure_user_shell }}"
    name: "{{ guest_configure_user }}"

# Authorize the supplied public key for the guest account; skipped when
# guest_configure_ssh_key is empty.
# `exclusive` stays at its default (false), so this task only adds a key:
# anything already listed in the user's authorized_keys remains authorized.
- name: Add user SSH key (if defined)
  when:
    - guest_configure_ssh_key | length > 0
  ansible.posix.authorized_key:
    key: "{{ guest_configure_ssh_key }}"
    user: "{{ guest_configure_user }}"
    state: present

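# RedHat-family hosts: add the guest user to "wheel" and make wheel's sudo
# rule passwordless.
- name: RedHat block
  when: ansible_os_family == "RedHat"
  block:
    - name: Add user to sudo group (RedHat)
      ansible.builtin.user:
        name: "{{ guest_configure_user }}"
        groups: "wheel"
        # append: true keeps the user's existing supplementary groups.
        append: true

    # NOTE(review): the rule below applies to every member of wheel, not
    # only to guest_configure_user, so any account in that group gains
    # passwordless root. Confirm that this scope is intended for the guest
    # image.
    - name: Allow wheel group nopasswd in sudoers (RedHat)
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        state: present
        # The trailing \s pins the match to the group named exactly "wheel".
        # A bare '^%wheel' is a prefix match and would also select a rule
        # for a group such as "wheel-ops"; lineinfile replaces the last
        # matching line, so that other rule could be overwritten instead.
        regexp: '^%wheel\s'
        line: '%wheel ALL=(ALL) NOPASSWD: ALL'
        # visudo syntax-checks the candidate file before it replaces
        # /etc/sudoers, so a malformed result is never installed.
        validate: 'visudo -cf %s'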

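# Debian-family hosts: add the guest user to "sudo" and make that group's
# sudo rule passwordless.
- name: Debian block
  when: ansible_os_family == "Debian"
  block:
    - name: Add user to sudo group (Debian)
      ansible.builtin.user:
        name: "{{ guest_configure_user }}"
        groups: "sudo"
        # append: true keeps the user's existing supplementary groups.
        append: true

    # NOTE(review): the rule below applies to every member of the sudo
    # group, not only to guest_configure_user, so any account in that group
    # gains passwordless root. Confirm that this scope is intended for the
    # guest image.
    - name: Allow sudo group nopasswd in sudoers (Debian)
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        state: present
        # The trailing \s pins the match to the group named exactly "sudo".
        # A bare '^%sudo' is a prefix match and would also select a rule
        # for a group such as "sudoers-ops"; lineinfile replaces the last
        # matching line, so that other rule could be overwritten instead.
        regexp: '^%sudo\s'
        line: '%sudo ALL=(ALL) NOPASSWD: ALL'
        # visudo syntax-checks the candidate file before it replaces
        # /etc/sudoers, so a malformed result is never installed.
        validate: 'visudo -cf %s'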