tom/sib_26_lookups
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

mise au point solution

Browse Source
This commit is contained in:
Thomas Constans
2023-03-23 14:37:58 +01:00
parent e9eb38a6c6
commit debadc2d8f
2 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
keep.kdbx
View File

Binary file not shown.

11
setup.yml
View File

@@ -1,6 +1,9 @@
---
- name: setup target to be managed by ansible
hosts: cibles
vars:
password: "{{lookup( 'viczem.keepass.keepass', 'ansible shell', 'password') }}"
username: "{{ lookup( 'viczem.keepass.keepass', 'ansible shell', 'username') }}"
tasks:
- name: warn people
lineinfile:
@@ -26,23 +29,21 @@
- name: create account
tags: lookup
vars:
password: "{{ lookup( 'viczem.keepass.keepass', 'ansible', 'password') }}"
username: "{{ lookup( 'viczem.keepass.keepass', 'ansible', 'username') }}"
user:
name: "{{ username }}"
password: "{{ password | password_hash('sha512',65534|random(seed=inventory_hostname) | string) }}"
password: "{{ password | password_hash('sha512',65534|random(seed=inventory_hostname) | string) }}"
create_home: yes
home: "/home/{{ username }}"
- name: configure sudo
copy:
content: "ansible ALL=(ALL) NOPASSWD: ALL"
content: "{{ username }} ALL=(ALL) NOPASSWD: ALL"
dest: /etc/sudoers.d/ansible
validate: "/usr/sbin/visudo -cf %s"
- name: deploy ssh key
authorized_key:
user: ansible
user: "{{ username }}"
key: "{{ item }}"
loop:
- "{{ lookup( 'file', '~/.ssh/id_rsa.pub' ) }}"