adds ssh and apt role
This commit is contained in:
James Hackett
parent
57694f8f7e
commit
9b15a71be5
5 changed files with 70 additions and 0 deletions
13
ansible/roles/apt/defaults/main.yml
Normal file
13
ansible/roles/apt/defaults/main.yml
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
apt_packages:
|
||||
- cron
|
||||
- curl
|
||||
- git
|
||||
- htop
|
||||
- net-tools
|
||||
- nmap
|
||||
- sysstat
|
||||
- vim
|
||||
|
||||
apt_install_packages: false
|
||||
apt_update_packages: true
|
||||
13
ansible/roles/apt/tasks/main.yml
Normal file
13
ansible/roles/apt/tasks/main.yml
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
- name: apt update packages to their latest version and autoclean
|
||||
become: true
|
||||
apt:
|
||||
upgrade: yes
|
||||
update_cache: yes
|
||||
when: ansible_os_family == "Debian" and apt_update_packages
|
||||
|
||||
- name: install common tools
|
||||
ansible.builtin.apt:
|
||||
name: "{{ item }}"
|
||||
with_items: "{{ apt_packages }}"
|
||||
when: ansible_os_family == "Debian" and apt_install_packages
|
||||
11
ansible/roles/ssh/defaults/main.yml
Normal file
11
ansible/roles/ssh/defaults/main.yml
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
|
||||
# a current listing of all admins who have ssh access to Redbrick.
|
||||
|
||||
github_users:
|
||||
- user: mojito
|
||||
# omitting account variable won't add any github keys to the user.
|
||||
account: DistroByte
|
||||
groups: [sudo, docker]
|
||||
|
||||
github_url: https://github.com
|
||||
6
ansible/roles/ssh/tasks/creategroups.yml
Normal file
6
ansible/roles/ssh/tasks/creategroups.yml
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
- name: Ensure user groups are present
|
||||
group:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
with_items: "{{ user_data.groups | default(user_data) }}"
|
||||
27
ansible/roles/ssh/tasks/main.yml
Normal file
27
ansible/roles/ssh/tasks/main.yml
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
---
|
||||
- include_tasks: creategroups.yml
|
||||
loop: "{{ github_users }}"
|
||||
loop_control:
|
||||
loop_var: user_data
|
||||
|
||||
- name: Ensure user accounts are present
|
||||
user:
|
||||
name: "{{ item.user | default(item) }}"
|
||||
shell: /bin/bash
|
||||
createhome: true
|
||||
groups: "{{ item.groups | default(item) }}"
|
||||
append: yes
|
||||
home: /home/{{ item.user | default(item) }}
|
||||
state: present
|
||||
with_items: "{{ github_users }}"
|
||||
|
||||
- name: Ensure authorized_keys for GitHub user accounts are present
|
||||
authorized_key:
|
||||
user: "{{ item.user | default(item) }}"
|
||||
key: "{{ github_url }}/{{ item.account | default('') }}.keys"
|
||||
manage_dir: true
|
||||
exclusive: False
|
||||
with_items: "{{ github_users }}"
|
||||
ignore_errors: yes
|
||||
register: task_result
|
||||
failed_when: "'blah' in task_result"
|
||||
Loading…
Reference in a new issue