tom/sib_26_lookups
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

mise au point solution

Browse Source
This commit is contained in:
Thomas Constans
2023-03-23 14:37:58 +01:00
parent e9eb38a6c6
commit debadc2d8f
2 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
keep.kdbx
View File

Binary file not shown.

11
setup.yml
View File

@@ -1,6 +1,9 @@
--- ---
- name: setup target to be managed by ansible - name: setup target to be managed by ansible
hosts: cibles hosts: cibles
vars:
password: "{{lookup( 'viczem.keepass.keepass', 'ansible shell', 'password') }}"
username: "{{ lookup( 'viczem.keepass.keepass', 'ansible shell', 'username') }}"
tasks: tasks:
- name: warn people - name: warn people
lineinfile: lineinfile:
@@ -26,23 +29,21 @@
- name: create account - name: create account
tags: lookup tags: lookup
vars: vars:
password: "{{ lookup( 'viczem.keepass.keepass', 'ansible', 'password') }}"
username: "{{ lookup( 'viczem.keepass.keepass', 'ansible', 'username') }}"
user: user:
name: "{{ username }}" name: "{{ username }}"
password: "{{ password | password_hash('sha512',65534|random(seed=inventory_hostname) | string) }}" password: "{{ password | password_hash('sha512',65534|random(seed=inventory_hostname) | string) }}"
create_home: yes create_home: yes
home: "/home/{{ username }}" home: "/home/{{ username }}"
- name: configure sudo - name: configure sudo
copy: copy:
content: "ansible ALL=(ALL) NOPASSWD: ALL" content: "{{ username }} ALL=(ALL) NOPASSWD: ALL"
dest: /etc/sudoers.d/ansible dest: /etc/sudoers.d/ansible
validate: "/usr/sbin/visudo -cf %s" validate: "/usr/sbin/visudo -cf %s"
- name: deploy ssh key - name: deploy ssh key
authorized_key: authorized_key:
user: ansible user: "{{ username }}"
key: "{{ item }}" key: "{{ item }}"
loop: loop:
- "{{ lookup( 'file', '~/.ssh/id_rsa.pub' ) }}" - "{{ lookup( 'file', '~/.ssh/id_rsa.pub' ) }}"