v0.1

playbooks/roles/set-users/tasks/main.yml

@@ -0,0 +1,27 @@
+---
+# tasks file for set-users
+- name: Create new user
+  ansible.builtin.user:
+    name: "{{ main_user }}"
+    create_home: yes
+    shell: /bin/bash
+    password: "{{ user_password| password_hash('sha512') }}"
+
+- name: Add user to groups
+  ansible.builtin.user:
+    name: "{{ main_user }}"
+    groups: "{{ server_groups }}"
+    append: yes
+
+- name: Configure sudo to allow passwordless access for  user
+  become_user: root
+  lineinfile:
+    path: /etc/sudoers.d/ansible_nopasswd
+    create: yes
+    line: "{{ main_user }} ALL=(ALL) NOPASSWD: ALL"
+    validate: "/usr/sbin/visudo -cf %s"
+    mode: "0440"
+    state: present
+
+
+

playbooks/roles/set-users/tasks/users_groups-playbook.yaml.examples

@@ -0,0 +1,42 @@
+---
+- name: Set new users
+  hosts: main_server
+  become: yes
+  tasks:
+
+    - name: Create group
+      ansible.builtin.group:
+        name: "{{ item.name }}"
+        state: present
+
+      loop:
+        - { name: backup }
+        - { name: docker }
+
+    - name: Create new user
+      user:
+        name: "{{ new_user }}"
+        create_home: yes
+        shell: /bin/bash
+        password: "{{ user_password| password_hash('sha512') }}"
+
+    - name: Add user to groups
+      user:
+        name: "{{ new_user }}"
+        groups:
+          - sudo
+          - docker
+        append: yes
+
+    - name: Configure sudo to allow passwordless access for  user
+      become_user: root
+      lineinfile:
+        path: /etc/sudoers.d/ansible_nopasswd
+        create: yes
+        line: "{{ new_user }} ALL=(ALL) NOPASSWD: ALL"
+        validate: "/usr/sbin/visudo -cf %s"
+        mode: "0440"
+        state: present
+
+
+