adds ssh and apt role
		
							parent
							
								
									57694f8f7e
								
							
						
					
					
						commit
						9b15a71be5
					
				
					 5 changed files with 70 additions and 0 deletions
				
			
		
							
								
								
									
										13
									
								
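--- a/ansible/roles/apt/defaults/main.yml
+++ b/ansible/roles/apt/defaults/main.yml
@@ -0,0 +1,13 @@
+---
+apt_packages:
+  - cron
+  - curl
+  - git
+  - htop
+  - net-tools
+  - nmap
+  - sysstat
+  - vim
+
+apt_install_packages: false
+apt_update_packages: true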
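Review bot: `nmap` is in the shared `apt_packages` default, so every host that turns on `apt_install_packages` gets a network scanner in its baseline image. A tool like that is better left out of the role default and added through host or group vars where an admin actually needs it. The two switches are also undocumented and default in opposite directions; a comment such as `# when true, the role upgrades installed packages on every run` above `apt_update_packages` would tell a reader that including the role changes the host even with installation off.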
							
								
								
									
										13
									
								
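--- a/ansible/roles/apt/tasks/main.yml
+++ b/ansible/roles/apt/tasks/main.yml
@@ -0,0 +1,13 @@
+---
+- name: apt update packages to their latest version and autoclean
+  become: true
+  apt:
+    upgrade: yes
+    update_cache: yes  
+  when: ansible_os_family == "Debian" and apt_update_packages
+
+- name: install common tools
+  ansible.builtin.apt:
+    name: "{{ item }}"
+  with_items: "{{ apt_packages }}"
+  when: ansible_os_family == "Debian" and apt_install_packages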
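Review bot: The `install common tools` task has no `become: true`, unlike the upgrade task above it, so it will fail wherever the calling play does not already escalate; add `become: true` to it. The first task's name promises an autoclean, but its arguments only set `upgrade` and `update_cache`; either add `autoclean: true` or drop the word from the name. The two tasks also spell the module differently (`apt` and `ansible.builtin.apt`), and the per-item loop can be replaced by `name: "{{ apt_packages }}"` so apt resolves the list in one run.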
							
								
								
									
										11
									
								
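--- a/ansible/roles/ssh/defaults/main.yml
+++ b/ansible/roles/ssh/defaults/main.yml
@@ -0,0 +1,11 @@
+---
+
+# a current listing of all admins who have ssh access to Redbrick.
+
+github_users:
+  - user: mojito
+    # omitting account variable won't add any github keys to the user.
+    account: DistroByte 
+    groups: [sudo, docker]
+
+github_url: https://github.com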
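Review bot: The header comment does not say that both groups granted here are root-equivalent (`docker` members can start privileged containers), nor that the keys come from whatever `github_url`/`account`.keys serves when the role runs. That makes the GitHub account's own security part of these hosts' trust boundary, and the file should state it. A comment above `github_users` such as `# keys are pulled from <github_url>/<account>.keys on each run; sudo and docker both grant root` would do. The existing note on `account` appears to rely on the key task in `tasks/main.yml` failing quietly for a missing account, rather than on an explicit skip.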
							
								
								
									
										6
									
								
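--- a/ansible/roles/ssh/tasks/creategroups.yml
+++ b/ansible/roles/ssh/tasks/creategroups.yml
@@ -0,0 +1,6 @@
+---
+- name: Ensure user groups are present
+  group:
+    name: "{{ item }}"
+    state: present
+  with_items: "{{ user_data.groups | default(user_data) }}"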
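Review bot: The `default(user_data)` fallback on the `with_items` line hands the whole user entry to the loop when that entry has no `groups` key, so `name: "{{ item }}"` would most likely receive a mapping rather than a group name. If the intent is "no extra groups", `with_items: "{{ user_data.groups | default([]) }}"` makes the task a no-op for such entries. The task also carries no `become: true`, so it depends on the caller having set escalation.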
							
								
								
									
										27
									
								
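--- a/ansible/roles/ssh/tasks/main.yml
+++ b/ansible/roles/ssh/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+- include_tasks: creategroups.yml
+  loop: "{{ github_users }}"
+  loop_control:
+    loop_var: user_data
+
+- name: Ensure user accounts are present
+  user:
+    name: "{{ item.user | default(item) }}"
+    shell: /bin/bash
+    createhome: true
+    groups: "{{ item.groups | default(item) }}"
+    append: yes
+    home: /home/{{ item.user | default(item) }}
+    state: present
+  with_items: "{{ github_users }}"
+
+- name: Ensure authorized_keys for GitHub user accounts are present
+  authorized_key:
+    user: "{{ item.user | default(item) }}"
+    key: "{{ github_url }}/{{ item.account | default('') }}.keys"
+    manage_dir: true
+    exclusive: False
+  with_items: "{{ github_users }}"
+  ignore_errors: yes
+  register: task_result
+  failed_when: "'blah' in task_result"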
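Review bot: The authorized_keys task can effectively never report a failure: `failed_when: "'blah' in task_result"` is a placeholder condition that no real result satisfies, and `ignore_errors: yes` sits on top of it. An unreachable `github_url`, a mistyped `account`, or an entry with no `account` (which renders `<github_url>/.keys`) therefore all pass silently, and can leave a sudo-capable account with missing or stale keys. Skipping key-less entries explicitly with `when: item.account is defined` and dropping both `ignore_errors` and `failed_when` would surface real fetch failures. `exclusive: False` also means a key removed from the GitHub account stays in `authorized_keys`; if GitHub is meant to be the source of truth, `exclusive: true` lets revocation take effect on the next run.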