Add the admin role
This commit is contained in:
parent
897d3d7380
commit
bf9006b42b
25
roles/admin/README.md
Normal file
25
roles/admin/README.md
Normal file
|
@ -0,0 +1,25 @@
|
|||
# Admin
|
||||
|
||||
Create an admin user that is added to the `sudo` group.
|
||||
|
||||
## Role Variables
|
||||
|
||||
* `admin_become` - Default: true. Enable/disable the Ansible become
|
||||
functionality.
|
||||
* `admin_become_user` - Default: root. When using become functionality for
|
||||
privilege escalation, this is the user with desired privileges you become.
|
||||
* `admin_user` - Username of the admin account.
|
||||
* `admin_password` - Password of the admin account.
|
||||
* `admin_key_file` - Path to the ssh public key of the admin account.
|
||||
|
||||
## Example Playbook
|
||||
|
||||
```yaml
|
||||
- hosts: my-server
|
||||
vars:
|
||||
admin_user: administrator
|
||||
admin_password: the_secret_password
|
||||
admin_key_file: /path/to/ssh/key.pub
|
||||
roles:
|
||||
- eriol.kit.admin
|
||||
```
|
3
roles/admin/defaults/main.yml
Normal file
3
roles/admin/defaults/main.yml
Normal file
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
admin_become: true
|
||||
admin_become_user: root
|
24
roles/admin/tasks/main.yml
Normal file
24
roles/admin/tasks/main.yml
Normal file
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
- block:
|
||||
|
||||
- name: ensure sudo is installed
|
||||
apt:
|
||||
name: sudo
|
||||
state: present
|
||||
update_cache: true
|
||||
cache_valid_time: 3600
|
||||
|
||||
- name: ensure admin user ({{ admin_user }}) exists
|
||||
user:
|
||||
name: "{{ admin_user }}"
|
||||
password: "{{ admin_password | password_hash('sha512') }}"
|
||||
groups: sudo
|
||||
|
||||
- name: set authorized key for the admin user ({{ admin_user }})
|
||||
authorized_key:
|
||||
user: "{{ admin_user }}"
|
||||
key: "{{ lookup('file', admin_key_file) }}"
|
||||
state: present
|
||||
|
||||
become: "{{ admin_become }}"
|
||||
become_user: "{{ admin_become_user }}"
|
Loading…
Reference in a new issue