add_ansible_user.yml
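---
# Play 1: create a dedicated automation account on every host in the
# libvirt_kvm and metal groups, connecting as whatever user the inventory
# currently defines. The variable new_ansible_user must be supplied by the
# caller (inventory or extra vars); it is not defined in this file.
- hosts: libvirt_kvm,metal
  become: true
  tasks:
    - name: Ensure sudo is installed
      package:
        name: sudo
        state: present

    - name: Add ansible user
      user:
        name: "{{ new_ansible_user }}"
        createhome: true
        state: present

    # SECURITY: this rule gives the account unrestricted, passwordless root on
    # every targeted host, so the SSH keys installed below are effectively
    # root credentials.
    # The drop-in is written root-owned with mode 0440, the conventional
    # permissions for sudoers files, instead of inheriting the default umask.
    # validate runs visudo against the staged file before it replaces dest,
    # so a syntax error cannot lock sudo out.
    # NOTE: sudo skips files in an included directory whose name contains a
    # "." or ends in "~"; a new_ansible_user value with a dot would yield a
    # rule that is silently ignored (the sudo test in the next play catches it).
    - name: Give NOPASSWD sudo permissions
      copy:
        dest: "/etc/sudoers.d/{{ new_ansible_user }}"
        owner: root
        mode: "0440"
        validate: visudo -cf %s
        content: |
          {{ new_ansible_user }} ALL=(ALL) NOPASSWD: ALL

    # SECURITY: `ssh-add -L` prints every public key loaded in the SSH agent
    # on the control machine, and all of them are authorized for the new
    # account. Load only the intended key(s) into the agent before running
    # this play, and review authorized_keys afterwards. Keys already present
    # on the host are left in place (the module's exclusive option is not set).
    - name: Set authorized_keys for new_ssh_user based on current SSH Agent list
      authorized_key:
        user: "{{ new_ansible_user }}"
        key: "{{ lookup('pipe', 'ssh-add -L') }}"
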
# Play 2: reconnect to the same hosts as the newly created account and confirm
# that it can escalate to root.
- hosts: libvirt_kvm,metal
  # The connection user is switched by overriding the ansible_user variable
  # rather than with the remote_user keyword, because inventory variables
  # take precedence over remote_user.
  vars:
    ansible_user: "{{ new_ansible_user }}"
  tasks:
    # Read-only probe: it never reports a change, and it fails unless the
    # escalated whoami prints exactly "root".
    - name: Test for sudo
      command: whoami
      become: true
      register: result
      changed_when: false
      failed_when: result.stdout != "root"