ansible-playbook-task/playbooks/user-management.yml


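---
# User management play: creates and removes accounts and groups, installs an
# SSH key, and edits /etc/sudoers on every targeted host, running as root.
#
# NOTE(review): several tasks grant passwordless root ("NOPASSWD: ALL").
# Confirm each grant is intended and scoped to the right hosts before running
# this against `hosts: all`.
- name: User Management Playbook
  hosts: all
  become: true
  tasks:
    # `remove: true` also deletes the account's home directory and mail spool.
    # NOTE(review): 'adelia' is re-created further down ("Add user to sudo
    # group"), so every run deletes the account and then brings it back with
    # sudo membership. Confirm which end state is wanted.
    - name: Remove user 'adelia'
      ansible.builtin.user:
        name: adelia
        state: absent
        remove: true

    # Builds `my_users` from a colon-separated file, one record per line:
    #   <user>:<state>:<role>   (role "super" marks a sudo user)
    # The file lookup runs on the control node, not on the managed host.
    # NOTE(review): the task name says users.conf but the lookup reads
    # 'user.conf'; confirm which file name is correct.
    # NOTE(review): fields are used unvalidated. A line with fewer than three
    # fields fails the task, and the user name is later written into
    # /etc/sudoers, so the file must be trusted and its names restricted to
    # valid account names.
    - name: Set facts from users.conf
      ansible.builtin.set_fact:
        my_users: "{{ my_users | default([]) + [ {
          'user': params[0],
          'state': params[1],
          'super': (params[2] == 'super')
          } ] }}"
      loop: "{{ lookup('file', 'user.conf').splitlines() }}"
      vars:
        params: "{{ item.split(':') }}"

    - name: Manage users
      ansible.builtin.user:
        name: "{{ item.user }}"
        state: "{{ item.state }}"
      loop: "{{ my_users }}"

    # Grants passwordless root to every record flagged 'super'.
    # Records whose state is not 'present' are skipped: a sudoers rule for an
    # account that does not exist would silently apply to any account created
    # later under the same name.
    # NOTE(review): rules written here are never removed when a user is later
    # switched to 'absent' or loses the 'super' flag; stale entries need a
    # separate cleanup.
    - name: Sudo privileges for super users
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        line: "{{ item.user }} ALL=(ALL) NOPASSWD: ALL"
        validate: 'visudo -cf %s'
      loop: "{{ my_users }}"
      when: item.super and item.state == 'present'

    # The key is read on the control node from root's home directory and
    # installed for `user_name` on the managed host, so whoever holds the
    # matching private key can log in as that user.
    # NOTE(review): nothing in this play creates 'adel' unless user.conf
    # lists it; the task fails if the account is missing.
    - name: Add SSH key for user
      ansible.posix.authorized_key:
        user: "{{ user_name }}"
        state: present
        key: "{{ lookup('file', '/root/.ssh/id_rsa.pub') }}"
      vars:
        user_name: adel

    # `append: true` adds 'sudo' without touching other supplementary groups.
    # NOTE(review): assumes a 'sudo' group exists on the target and is
    # referenced by the sudoers policy - confirm for the target distribution.
    - name: Add user to sudo group
      ansible.builtin.user:
        name: "{{ sudo_user }}"
        groups: sudo
        append: true
        state: present
        create_home: true
      vars:
        sudo_user: adelia

    # NOTE(review): this task does NOT configure password reuse.
    # kernel.printk_ratelimit only rate-limits kernel log messages. Password
    # history is normally enforced through PAM (for example pam_pwhistory),
    # so treat the password reuse policy as unimplemented until this task is
    # replaced or renamed.
    - name: Configure password reuse policy
      ansible.posix.sysctl:
        name: "kernel.printk_ratelimit"
        value: "10"
        state: present
        reload: true

    - name: Create group 'pkl'
      ansible.builtin.group:
        name: pkl
        state: present

    - name: Create user 'syifa' in group 'pkl'
      ansible.builtin.user:
        name: syifa
        state: present
        groups: pkl
        append: true
        shell: /bin/bash

    # Grants passwordless root to every member of 'pkl'. `regexp` keeps the
    # entry to a single line on repeated runs.
    - name: Add 'pkl' group to sudoers
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        state: present
        regexp: '^%pkl'
        line: '%pkl ALL=(ALL) NOPASSWD: ALL'
        validate: 'visudo -cf %s'

    # With `append: false` the `groups` value is the complete list of
    # supplementary groups, so `groups: pkl` would keep syifa in 'pkl'.
    # An empty string removes the user from all supplementary groups.
    - name: Remove 'syifa' from group 'pkl'
      ansible.builtin.user:
        name: syifa
        groups: ''
        state: present
        append: false

    # Drop the sudoers rule before the group goes away; otherwise the
    # '%pkl ... NOPASSWD: ALL' line would stay behind and apply to any group
    # named 'pkl' that is created later.
    - name: Remove 'pkl' group from sudoers
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        state: absent
        regexp: '^%pkl'
        validate: 'visudo -cf %s'

    - name: Remove group 'pkl'
      ansible.builtin.group:
        name: pkl
        state: absent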